class PolicyService (View source)

The policy service reads the policy configuration. The security advice asks this service which methods have to be intercepted by a security interceptor.

The access decision voters get the roles and privileges configured (in the security policy) for a specific method invocation from this service.

Properties

protected bool $initialized
protected ConfigurationManager $configurationManager
protected array $policyConfiguration
protected PrivilegeTarget[] $privilegeTargets
protected Role[] $roles
protected ObjectManagerInterface $objectManager

Methods

void
injectConfigurationManager(ConfigurationManager $configurationManager)

This object is created very early so we can't rely on AOP for the property injection

void
injectObjectManager(ObjectManagerInterface $objectManager)

This object is created very early so we can't rely on AOP for the property injection

void
initialize()

Parses the global policy configuration and initializes roles and privileges accordingly

void
initializePrivilegeTargets()

Initialized all configured privilege targets from the policy definitions

bool
hasRole(string $roleIdentifier)

Checks if a role exists

getRole(string $roleIdentifier)

Returns a Role object configured in the PolicyService

array
getRoles(bool $includeAbstract = false)

Returns an array of all configured roles

array
getAllPrivilegesByType(string $type)

Returns all privileges of the given type

array
getPrivilegeTargets()

Returns all configured privilege targets

PrivilegeTarget|null
getPrivilegeTargetByIdentifier(string $privilegeTargetIdentifier)

Returns the privilege target identified by the given string

void
reset()

Resets the PolicyService to behave transparently during functional testing.

void
emitConfigurationLoaded(array $policyConfiguration)

Emits a signal when the policy configuration has been loaded

void
emitRolesInitialized(array $roles)

Emits a signal when roles have been initialized

Details

void injectConfigurationManager(ConfigurationManager $configurationManager)

This object is created very early so we can't rely on AOP for the property injection

Parameters

ConfigurationManager $configurationManager

The configuration manager

Return Value

void

void injectObjectManager(ObjectManagerInterface $objectManager)

This object is created very early so we can't rely on AOP for the property injection

Parameters

ObjectManagerInterface $objectManager

Return Value

void

protected void initialize()

Parses the global policy configuration and initializes roles and privileges accordingly

Return Value

void

Exceptions

Exception
InvalidConfigurationTypeException

protected void initializePrivilegeTargets()

Initialized all configured privilege targets from the policy definitions

Return Value

void

Exceptions

Exception

bool hasRole(string $roleIdentifier)

Checks if a role exists

Parameters

string $roleIdentifier

The role identifier, format: (:)

Return Value

bool

Exceptions

InvalidConfigurationTypeException
Exception

Role getRole(string $roleIdentifier)

Returns a Role object configured in the PolicyService

Parameters

string $roleIdentifier

The role identifier of the role, format: (:)

Return Value

Role

Exceptions

InvalidConfigurationTypeException
NoSuchRoleException
Exception

array getRoles(bool $includeAbstract = false)

Returns an array of all configured roles

Parameters

bool $includeAbstract

If true the result includes abstract roles, otherwise those will be skipped

Return Value

array

Array of all configured roles, indexed by role identifier

Exceptions

InvalidConfigurationTypeException
Exception

array getAllPrivilegesByType(string $type)

Returns all privileges of the given type

Parameters

string $type

Full qualified class or interface name

Return Value

array

Exceptions

InvalidConfigurationTypeException
Exception

array getPrivilegeTargets()

Returns all configured privilege targets

Return Value

array

Exceptions

InvalidConfigurationTypeException
Exception

PrivilegeTarget|null getPrivilegeTargetByIdentifier(string $privilegeTargetIdentifier)

Returns the privilege target identified by the given string

Parameters

string $privilegeTargetIdentifier

Identifier of a privilege target

Return Value

PrivilegeTarget|null

Exceptions

InvalidConfigurationTypeException
Exception

void reset()

Resets the PolicyService to behave transparently during functional testing.

Return Value

void

protected void emitConfigurationLoaded(array $policyConfiguration)

Emits a signal when the policy configuration has been loaded

This signal can be used to add roles and/or privilegeTargets during runtime. In the slot make sure to receive the $policyConfiguration array by reference so you can alter it.

Parameters

array $policyConfiguration

The policy configuration

Return Value

void

protected void emitRolesInitialized(array $roles)

Emits a signal when roles have been initialized

This signal can be used to register roles during runtime. In the slot make sure to receive the $roles array by reference so you can alter it.

Parameters

array $roles

All initialized roles (even abstract roles)

Return Value

void