Merge pull request #22 from zf-fr/simplfy

Remove traversal strategy

.travis.yml

@@ -1,3 +1,5 @@
+sudo: false
+
 language: php
 
 php:
@@ -16,8 +18,4 @@ before_script:
 
 script:
   - ./vendor/bin/phpunit --coverage-clover=coverage.clover --group=Coverage
-  - ./vendor/bin/phpcs --standard=PSR2 ./src/
-
-after_script:
-  - wget https://scrutinizer-ci.com/ocular.phar
-  - php ocular.phar code-coverage:upload --format=php-clover coverage.clover
+  - ./vendor/bin/phpcs --standard=PSR2 ./src/

CHANGELOG.md

@@ -2,8 +2,10 @@
 
 ## 2.0.0
 
-* Minimum PHP dependency has been raised to 5.5.
-* `PermissionInterface` has been removed from RBAC component. This has been moved to ZfcRbac.
+* [BC] Minimum PHP dependency has been raised to 5.5.
+* [BC] `PermissionInterface` has been removed from RBAC component. This has been moved to ZfcRbac. Rbac only accepts "mixed"
+permission, and it is up to your implementation to decide what a permission is.
+* [BC] Rbac will now throw an exception if permission is not a string. If you need to do more check, you could use assertions for instance.
 
 ## 1.2.0
 

composer.json

@@ -31,7 +31,7 @@
     },
     "autoload-dev": {
         "psr-4": {
-            "RbacTest\\": "tests/"
+            "RbacTest\\": "test/"
         }
     }
 }

phpunit.xml.dist

@@ -12,7 +12,7 @@
     syntaxCheck="true"
 >
     <testsuite name="ZfrRbac tests">
-        <directory>./tests</directory>
+        <directory>./test</directory>
     </testsuite>
     <filter>
         <whitelist addUncoveredFilesFromWhitelist="true">

src/Traversal/Strategy/TraversalStrategyInterface.php → src/Exception/ExceptionInterface.php

@@ -7,19 +7,11 @@
  * @license   http://framework.zend.com/license/new-bsd New BSD License
  */
 
-namespace Rbac\Traversal\Strategy;
-
-use Rbac\Role\RoleInterface;
-use Traversable;
+namespace Rbac\Exception;
 
 /**
- * Interface for a traversal strategy
+ * Base interface for Rbac
  */
-interface TraversalStrategyInterface
+interface ExceptionInterface
 {
-    /**
-     * @param  RoleInterface[]|Traversable
-     * @return Traversable
-     */
-    public function getRolesIterator($roles);
 }

src/Exception/RuntimeException.php

@@ -0,0 +1,16 @@
+<?php
+/**
+ * Zend Framework (http://framework.zend.com/)
+ *
+ * @link      http://github.com/zendframework/zf2 for the canonical source repository
+ * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   http://framework.zend.com/license/new-bsd New BSD License
+ */
+
+namespace Rbac\Exception;
+
+use RuntimeException as BaseRuntimeException;
+
+class RuntimeException extends BaseRuntimeException implements ExceptionInterface
+{
+}

src/Rbac.php

@@ -9,44 +9,38 @@
 
 namespace Rbac;
 
+use Generator;
+use Rbac\Exception\RuntimeException;
+use Rbac\Role\HierarchicalRoleInterface;
 use Rbac\Role\RoleInterface;
-use Rbac\Traversal\Strategy\TraversalStrategyInterface;
 use Traversable;
 
 /**
  * Rbac object. It is used to check a permission against roles
  */
 class Rbac
 {
-    /**
-     * @var TraversalStrategyInterface
-     */
-    protected $traversalStrategy;
-
-    /**
-     * @param TraversalStrategyInterface $strategy
-     */
-    public function __construct(TraversalStrategyInterface $strategy)
-    {
-        $this->traversalStrategy = $strategy;
-    }
-
     /**
      * Determines if access is granted by checking the roles for permission.
      *
      * @param  RoleInterface|RoleInterface[]|Traversable $roles
-     * @param  mixed                                     $permission
+     * @param  string                                    $permission
      * @return bool
      */
     public function isGranted($roles, $permission)
     {
+        if (!is_string($permission)) {
+            throw new RuntimeException(sprintf(
+                'Permission must be a string, "%s" given',
+                is_object($permission) ? get_class($permission) : gettype($permission)
+            ));
+        }
+
         if ($roles instanceof RoleInterface) {
             $roles = [$roles];
         }
 
-        $iterator = $this->traversalStrategy->getRolesIterator($roles);
-
-        foreach ($iterator as $role) {
+        foreach ($this->flattenRoles($roles) as $role) {
             /* @var RoleInterface $role */
             if ($role->hasPermission($permission)) {
                 return true;
@@ -57,12 +51,23 @@ public function isGranted($roles, $permission)
     }
 
     /**
-     * Get the strategy.
-     *
-     * @return TraversalStrategyInterface
+     * @param  RoleInterface[]|Traversable $roles
+     * @return Generator
      */
-    public function getTraversalStrategy()
+    protected function flattenRoles($roles)
     {
-        return $this->traversalStrategy;
+        foreach ($roles as $role) {
+            yield $role;
+
+            if (!$role instanceof HierarchicalRoleInterface) {
+                continue;
+            }
+
+            $children = $this->flattenRoles($role->getChildren());
+
+            foreach ($children as $child) {
+                yield $child;
+            }
+        }
     }
 }

src/Role/HierarchicalRoleInterface.php

@@ -28,7 +28,7 @@ public function hasChildren();
     /**
      * Get child roles
      *
-     * @return array|RoleInterface[]|Traversable
+     * @return RoleInterface[]|Traversable
      */
     public function getChildren();
 }

src/Role/RoleInterface.php

@@ -26,7 +26,7 @@ public function getName();
     /**
      * Checks if a permission exists for this role (it does not check child roles)
      *
-     * @param  mixed $permission
+     * @param  string $permission
      * @return bool
      */
     public function hasPermission($permission);