<?php
/**
* This file is part of the Nette Framework (https://nette.org)
* Copyright (c) 2004 David Grudl (https://davidgrudl.com)
*/
namespace Nette\Bridges\SecurityDI;
use Nette;
/**
 * Nette DI compiler extension that wires up the security services.
 *
 * It always registers the user storage and the user service. Depending on
 * the configuration it also registers an authenticator built from a static
 * user list and an authorizator populated with roles and resources.
 */
class SecurityExtension extends Nette\DI\CompilerExtension
{
    /**
     * Default configuration of the extension.
     *
     * - debugger:  whether the Tracy user panel may be registered (it is only
     *              added when the extension also runs in debug mode)
     * - users:     [user => password] or
     *              [user => ['password' => password, 'roles' => [role]]]
     * - roles:     [role => parents]
     * - resources: [resource => parents]
     *
     * NOTE(review): the 'users' passwords are handed to SimpleAuthenticator
     * exactly as written in the configuration, so the config file itself
     * holds the credentials. Presumably intended for small static user
     * lists; confirm it is not relied on for production accounts.
     */
    public $defaults = [
        'debugger' => TRUE,
        'users' => [],
        'roles' => [],
        'resources' => [],
    ];

    /** @var bool whether the container is being compiled in debug mode */
    private $debugMode;


    /**
     * @param bool $debugMode  enables registration of the debugger panel
     */
    public function __construct($debugMode = FALSE)
    {
        $this->debugMode = $debugMode;
    }


    /**
     * Adds the security service definitions to the container builder.
     *
     * The global aliases (user, nette.userStorage, nette.authenticator,
     * nette.authorizator) are only created when the extension is registered
     * under the name "security".
     */
    public function loadConfiguration()
    {
        $settings = $this->validateConfig($this->defaults);
        $container = $this->getContainerBuilder();
        $isDefaultName = $this->name === 'security';

        $storageDefinition = $container->addDefinition($this->prefix('userStorage'));
        $storageDefinition->setClass(Nette\Security\IUserStorage::class);
        $storageDefinition->setFactory(Nette\Http\UserStorage::class);

        $userDefinition = $container->addDefinition($this->prefix('user'));
        $userDefinition->setClass(Nette\Security\User::class);

        // The Tracy panel is gated on BOTH the debug mode passed to the
        // constructor and the 'debugger' option, so it is not registered
        // when the extension is constructed with debug mode off.
        $registerPanel = $this->debugMode && $settings['debugger'];
        if ($registerPanel) {
            $panel = new Nette\DI\Statement(Nette\Bridges\SecurityTracy\UserPanel::class);
            $userDefinition->addSetup('@Tracy\Bar::addPanel', [$panel]);
        }

        if ($settings['users']) {
            $passwords = [];
            $rolesByUser = [];
            foreach ($settings['users'] as $username => $data) {
                // Short form "user: password" is normalised to the array form.
                if (!is_array($data)) {
                    $data = ['password' => $data];
                }
                // Rejects unknown keys; the return value is not used, so
                // $data keeps only the keys the configuration supplied.
                $this->validateConfig(
                    ['password' => NULL, 'roles' => NULL],
                    $data,
                    $this->prefix("security.users.$username")
                );

                $passwords[$username] = $data['password'];
                if (isset($data['roles'])) {
                    $rolesByUser[$username] = $data['roles'];
                } else {
                    $rolesByUser[$username] = NULL;
                }
            }

            // Passwords are passed on verbatim, in whatever form the
            // configuration contains them.
            $authenticatorDefinition = $container->addDefinition($this->prefix('authenticator'));
            $authenticatorDefinition->setClass(Nette\Security\IAuthenticator::class);
            $authenticatorDefinition->setFactory(
                Nette\Security\SimpleAuthenticator::class,
                [$passwords, $rolesByUser]
            );

            if ($isDefaultName) {
                $container->addAlias('nette.authenticator', $this->prefix('authenticator'));
            }
        }

        if ($settings['roles'] || $settings['resources']) {
            $aclDefinition = $container->addDefinition($this->prefix('authorizator'));
            $aclDefinition->setClass(Nette\Security\IAuthorizator::class);
            $aclDefinition->setFactory(Nette\Security\Permission::class);

            // Roles are registered before resources, in configuration order.
            foreach ($settings['roles'] as $role => $parents) {
                $aclDefinition->addSetup('addRole', [$role, $parents]);
            }
            foreach ($settings['resources'] as $resource => $parents) {
                $aclDefinition->addSetup('addResource', [$resource, $parents]);
            }

            if ($isDefaultName) {
                $container->addAlias('nette.authorizator', $this->prefix('authorizator'));
            }
        }

        if ($isDefaultName) {
            $container->addAlias('user', $this->prefix('user'));
            $container->addAlias('nette.userStorage', $this->prefix('userStorage'));
        }
    }
}