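I am testing my new custom voter with the "unanimous" strategy, as recommended in the Symfony cookbook.
Although my voter returns granted, the result is denied:

My voter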
    use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
    use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;

    class OrderCardViewVoter implements VoterInterface {
        private $container;
        private $supportedRoles;

        public function __construct($container) {
            $this->container = $container;
            $this->supportedRoles = array('VIEW');
        }

        public function supportsAttribute($attribute) {
            return in_array($attribute, $this->supportedRoles);
            //return $attribute === 'VIEW';
        }

        public function supportsClass($class) {
            return true;
        }

        /**
         * Checks whether or not the current user can view an OrderCard.
         *
         * Abstains for any other object and for unsupported attributes.
         * Grants when the card's employee is the current user or the token
         * has ROLE_SUPER_ADMIN; otherwise denies.
         *
         * {@inheritdoc}
         */
        public function vote(TokenInterface $token, $object, array $attributes)
        {
            $result = VoterInterface::ACCESS_ABSTAIN;
            if (!$object instanceof OrderCard) {
                return $result;
            }
            foreach ($attributes as $attribute) {
                if (!$this->supportsAttribute($attribute)) {
                    continue;
                }
                // A supported attribute was seen: deny unless a rule below grants.
                $result = VoterInterface::ACCESS_DENIED;
                if ($object->getEmployee()->getUser() === $token->getUser()
                    || in_array('ROLE_SUPER_ADMIN', $token->getRoles())) {
                    return VoterInterface::ACCESS_GRANTED;
                }
            }
            return $result;
        }
    }

My controller
    public function printAction($id)
    {
        $em = $this->getDoctrine()->getManager();
        $entity = $em->getRepository('CuculoERPBundle:OrderCard')->find($id);
        if (!$entity) {
            throw $this->createNotFoundException('Unable to find OrderCard entity.');
        }
        // Ask the access decision manager (and so every voter) about VIEW on this entity.
        $securityContext = $this->get('security.context');
        if (false === $securityContext->isGranted('VIEW', $entity)) {
            throw new AccessDeniedException();
        }
        // ...
    }

If I remove the strategy from the security.yml file, the voter returns a valid result for the tested object.

Answer 0 (score: 1)

You can look at
Symfony\Component\Security\Core\Authorization\AccessDecisionManager->decideUnanimous(...)
to see which voter denies.
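
The difference the answer points at, as an added example that is not part of the original post or of Symfony's code: a simplified stand-alone model of the two strategies that records each vote, so the denying voter is visible. `OtherVoter` is a hypothetical second voter and `decide()` is a name made up for this sketch; all-abstain is treated as denied, matching the default `allow_if_all_abstain: false`.

```php
<?php
// Simplified model of access decision strategies; not Symfony's implementation.
// Vote values mirror VoterInterface: granted = 1, abstain = 0, denied = -1.
const GRANTED = 1;
const ABSTAIN = 0;
const DENIED = -1;

// Constructed voters keyed by label; each receives one attribute and returns a vote.
$voters = array(
    'OrderCardViewVoter' => function ($attribute) {
        return $attribute === 'VIEW' ? GRANTED : ABSTAIN;
    },
    // Hypothetical voter that also reacts to 'VIEW' and denies it.
    'OtherVoter' => function ($attribute) {
        return $attribute === 'VIEW' ? DENIED : ABSTAIN;
    },
);

// Returns true when access is granted; $trace receives one line per vote cast.
function decide($strategy, array $voters, array $attributes, &$trace)
{
    $trace = array();
    $grants = 0;
    foreach ($attributes as $attribute) {
        foreach ($voters as $name => $voter) {
            $vote = $voter($attribute);
            $trace[] = sprintf('%s voted %d on %s', $name, $vote, $attribute);
            if ($vote === GRANTED) {
                if ($strategy === 'affirmative') {
                    return true;   // the first grant decides
                }
                ++$grants;
            } elseif ($vote === DENIED && $strategy === 'unanimous') {
                return false;      // a single deny decides; last trace line names it
            }
        }
    }
    return $grants > 0;            // nothing but abstentions: denied
}

foreach (array('affirmative', 'unanimous') as $strategy) {
    $granted = decide($strategy, $voters, array('VIEW'), $trace);
    echo $strategy, ': ', $granted ? 'granted' : 'denied', "\n  ",
        implode("\n  ", $trace), "\n";
}
```

With no strategy configured Symfony falls back to affirmative, which is why removing the setting lets the custom voter's grant stand.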