1: <?php
2:
7:
8: namespace Nette\Bridges\SecurityDI;
9:
10: use Nette;
11:
12:
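/**
 * DI compiler extension that registers the security services: a password
 * helper, the user storage, the user service and, depending on the
 * configuration, an authenticator and an authorizator.
 */
class SecurityExtension extends Nette\DI\CompilerExtension
{
    /**
     * Default configuration of the extension.
     *
     * - debugger:  whether the Tracy user panel may be attached (see loadConfiguration())
     * - users:     username => password, or username => [password => ..., roles => ...]
     * - roles:     role => parent role(s), passed to addRole()
     * - resources: resource => parent resource, passed to addResource()
     */
    public $defaults = [
        'debugger' => true,
        'users' => [],
        'roles' => [],
        'resources' => [],
    ];

    /** @var mixed  value given to the constructor; gates the Tracy panel */
    private $debugMode;


    /**
     * @param  mixed  $debugMode  truthy to allow registration of the Tracy user panel
     */
    public function __construct($debugMode = false)
    {
        $this->debugMode = $debugMode;
    }


    /**
     * Adds the service definitions for this extension to the container builder.
     *
     * Always registered: 'passwords', 'userStorage' and 'user'. An
     * 'authenticator' is registered only when the 'users' section is
     * non-empty, and an 'authorizator' only when 'roles' or 'resources' is
     * non-empty. Unprefixed aliases are added only when the extension is
     * registered under the name 'security'.
     *
     * @return void
     * @throws Nette\InvalidStateException  when a configured user has no password
     */
    public function loadConfiguration()
    {
        $config = $this->validateConfig($this->defaults);
        $builder = $this->getContainerBuilder();

        $builder->addDefinition($this->prefix('passwords'))
            ->setFactory(Nette\Security\Passwords::class);

        $builder->addDefinition($this->prefix('userStorage'))
            ->setClass(Nette\Security\IUserStorage::class)
            ->setFactory(Nette\Http\UserStorage::class);

        $user = $builder->addDefinition($this->prefix('user'))
            ->setFactory(Nette\Security\User::class);

        // The panel needs BOTH switches: the constructor's debug mode and the
        // 'debugger' option. The option alone does not enable it.
        if ($this->debugMode && $config['debugger']) {
            $user->addSetup('@Tracy\Bar::addPanel', [
                new Nette\DI\Statement(Nette\Bridges\SecurityTracy\UserPanel::class),
            ]);
        }

        if ($config['users']) {
            // The password values are handed to SimpleAuthenticator exactly as
            // they appear in the configuration; nothing in this method hashes them.
            // NOTE(review): presumably SimpleAuthenticator compares them as
            // plaintext - confirm before using this section for real accounts.
            $usersList = $usersRoles = [];
            foreach ($config['users'] as $username => $data) {
                // Short form "username: password" is expanded to the array form.
                $data = is_array($data) ? $data : ['password' => $data];
                // NOTE(review): prefix() appears to prepend the extension name
                // already, so the reported option path may repeat it - confirm.
                $this->validateConfig(['password' => null, 'roles' => null], $data, $this->prefix("security.users.$username"));

                // Fail closed: an entry such as "john: {roles: [admin]}" or
                // "john: null" used to be registered with a null password
                // (and an undefined-index notice in the former case).
                if (!isset($data['password'])) {
                    throw new Nette\InvalidStateException("Missing password for user '$username'.");
                }

                $usersList[$username] = $data['password'];
                $usersRoles[$username] = isset($data['roles']) ? $data['roles'] : null;
            }

            $builder->addDefinition($this->prefix('authenticator'))
                ->setClass(Nette\Security\IAuthenticator::class)
                ->setFactory(Nette\Security\SimpleAuthenticator::class, [$usersList, $usersRoles]);

            if ($this->name === 'security') {
                $builder->addAlias('nette.authenticator', $this->prefix('authenticator'));
            }
        }

        if ($config['roles'] || $config['resources']) {
            $authorizator = $builder->addDefinition($this->prefix('authorizator'))
                ->setClass(Nette\Security\IAuthorizator::class)
                ->setFactory(Nette\Security\Permission::class);

            // Roles and resources are only declared here; no allow/deny rules
            // are generated by this method.
            foreach ($config['roles'] as $role => $parents) {
                $authorizator->addSetup('addRole', [$role, $parents]);
            }
            foreach ($config['resources'] as $resource => $parents) {
                $authorizator->addSetup('addResource', [$resource, $parents]);
            }

            if ($this->name === 'security') {
                $builder->addAlias('nette.authorizator', $this->prefix('authorizator'));
            }
        }

        if ($this->name === 'security') {
            $builder->addAlias('user', $this->prefix('user'));
            $builder->addAlias('nette.userStorage', $this->prefix('userStorage'));
        }
    }
}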
97: