diff options
Diffstat (limited to 'app/Core/Security/AccessMap.php')
| -rw-r--r-- | app/Core/Security/AccessMap.php | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/app/Core/Security/AccessMap.php b/app/Core/Security/AccessMap.php new file mode 100644 index 00000000..10a29e1f --- /dev/null +++ b/app/Core/Security/AccessMap.php @@ -0,0 +1,92 @@ +<?php + +namespace Kanboard\Core\Security; + +/** + * Access Map Definition + * + * @package security + * @author Frederic Guillot + */ +class AccessMap +{ + /** + * Default role + * + * @access private + * @var string + */ + private $defaultRole = ''; + + /** + * Access map + * + * @access private + * @var array + */ + private $map = array(); + + /** + * Define the default role when nothing match + * + * @access public + * @param string $role + * @return Acl + */ + public function setDefaultRole($role) + { + $this->defaultRole = $role; + return $this; + } + + /** + * Add new access rules + * + * @access public + * @param string $controller + * @param string $method + * @param array $roles + * @return Acl + */ + public function add($controller, $method, array $roles) + { + $controller = strtolower($controller); + $method = strtolower($method); + + if (! isset($this->map[$controller])) { + $this->map[$controller] = array(); + } + + if (! isset($this->map[$controller][$method])) { + $this->map[$controller][$method] = array(); + } + + $this->map[$controller][$method] = $roles; + + return $this; + } + + /** + * Get roles that match the given controller/method + * + * @access public + * @param string $controller + * @param string $method + * @return boolean + */ + public function getRoles($controller, $method) + { + $controller = strtolower($controller); + $method = strtolower($method); + + if (isset($this->map[$controller][$method])) { + return $this->map[$controller][$method]; + } + + if (isset($this->map[$controller]['*'])) { + return $this->map[$controller]['*']; + } + + return array($this->defaultRole); + } +} |