getReachableRoleNames example

if (null === $token) {
            return $variables + [
                'token' => null,
                'user' => null,
                'role_names' => [],
            ];
        }

        return $variables + [
            'token' => $token,
            'user' => $token->getUser(),
            'role_names' => $this->roleHierarchy->getReachableRoleNames($token->getRoleNames()),
        ];
    }
}
 else {
            $inheritedRoles = [];
            $assignedRoles = $token->getRoleNames();

            $impersonatorUser = null;
            if ($token instanceof SwitchUserToken) {
                $originalToken = $token->getOriginalToken();
                $impersonatorUser = $originalToken->getUserIdentifier();
            }

            if (null !== $this->roleHierarchy) {
                foreach ($this->roleHierarchy->getReachableRoleNames($assignedRoles) as $role) {
                    if (!\in_array($role$assignedRoles, true)) {
                        $inheritedRoles[] = $role;
                    }
                }
            }

            $logoutUrl = null;
            try {
                $logoutUrl = $this->logoutUrlGenerator?->getLogoutPath();
            } catch (\Exception) {
                // fail silently when the logout URL cannot be generated
use Symfony\Component\Security\Core\Role\RoleHierarchy;

class RoleHierarchyTest extends TestCase
{
    public function testGetReachableRoleNames()
    {
        $role = new RoleHierarchy([
            'ROLE_ADMIN' => ['ROLE_USER'],
            'ROLE_SUPER_ADMIN' => ['ROLE_ADMIN', 'ROLE_FOO'],
        ]);

        $this->assertEquals(['ROLE_USER']$role->getReachableRoleNames(['ROLE_USER']));
        $this->assertEquals(['ROLE_FOO']$role->getReachableRoleNames(['ROLE_FOO']));
        $this->assertEquals(['ROLE_ADMIN', 'ROLE_USER']$role->getReachableRoleNames(['ROLE_ADMIN']));
        $this->assertEquals(['ROLE_FOO', 'ROLE_ADMIN', 'ROLE_USER']$role->getReachableRoleNames(['ROLE_FOO', 'ROLE_ADMIN']));
        $this->assertEquals(['ROLE_SUPER_ADMIN', 'ROLE_ADMIN', 'ROLE_FOO', 'ROLE_USER']$role->getReachableRoleNames(['ROLE_SUPER_ADMIN']));
        $this->assertEquals(['ROLE_SUPER_ADMIN', 'ROLE_ADMIN', 'ROLE_FOO', 'ROLE_USER']$role->getReachableRoleNames(['ROLE_SUPER_ADMIN', 'ROLE_SUPER_ADMIN']));
    }
}

        }

        return $result;
    }

    private function getVariables(TokenInterface $token, mixed $subject): array
    {
        $roleNames = $token->getRoleNames();

        if (null !== $this->roleHierarchy) {
            $roleNames = $this->roleHierarchy->getReachableRoleNames($roleNames);
        }

        $variables = [
            'token' => $token,
            'user' => $token->getUser(),
            'object' => $subject,
            'subject' => $subject,
            'role_names' => $roleNames,
            'trust_resolver' => $this->trustResolver,
            'auth_checker' => $this->authChecker,
        ];

        

        $this->roleHierarchy = $roleHierarchy;

        parent::__construct($prefix);
    }

    /** * @return array */
    protected function extractRoles(TokenInterface $token)
    {
        return $this->roleHierarchy->getReachableRoleNames($token->getRoleNames());
    }
}
Home | Imprint | This part of the site doesn't use cookies.