diff options
Diffstat (limited to 'app/Core/Security/Authorization.php')
| -rw-r--r-- | app/Core/Security/Authorization.php | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/app/Core/Security/Authorization.php b/app/Core/Security/Authorization.php new file mode 100644 index 00000000..a04b3720 --- /dev/null +++ b/app/Core/Security/Authorization.php @@ -0,0 +1,46 @@ +<?php + +namespace Kanboard\Core\Security; + +/** + * Authorization Handler + * + * @package security + * @author Frederic Guillot + */ +class Authorization +{ + /** + * Access Map + * + * @access private + * @var AccessMap + */ + private $acl; + + /** + * Constructor + * + * @access public + * @param AccessMap $acl + */ + public function __construct(AccessMap $acl) + { + $this->acl = $acl; + } + + /** + * Check if the given role is allowed to access to the specified resource + * + * @access public + * @param string $controller + * @param string $method + * @param string $role + * @return boolean + */ + public function isAllowed($controller, $method, $role) + { + $roles = $this->acl->getRoles($controller, $method); + return in_array($role, $roles); + } +} |