bootstrap.php 2.63 KB
Newer Older
1
2
<?php
/**
3
 * gredu_labs.
4
5
 * 
 * @link https://github.com/eellak/gredu_labs for the canonical source repository
6
 *
7
8
9
10
11
 * @copyright Copyright (c) 2008-2015 Greek Free/Open Source Software Society (https://gfoss.ellak.gr/)
 * @license GNU GPLv3 http://www.gnu.org/licenses/gpl-3.0-standalone.html
 */

return function (Slim\App $app) {
12
13
14
15
16
17
18
19
20
21
22
23
24

    $container = $app->getContainer();

    $container['autoloader']->addPsr4('GrEduLabs\\Authorization\\', __DIR__ . '/src');

    $container['settings']->set('determineRouteBeforeAppMiddleware', true);

    $container[GrEduLabs\Authorization\Acl::class] = function ($c) {
        $settings = $c['settings'];

        return new GrEduLabs\Authorization\Acl($settings['acl'], $c);
    };

25
26
27
28
    $container['acl'] = $container->protect(function () use ($container) {
        return $container[GrEduLabs\Authorization\Acl::class];
    });

29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
    $container['current_role'] = $container->protect(function () use ($container) {
        $settings    = $container['settings'];
        $defaultRole = $settings['acl']['default_role'];
        $identity    = $container['authentication_service']->getIdentity();
        if ($identity && $identity instanceof GrEduLabs\Authorization\RoleAwareInterface &&
            ($role = $identity->getRole())) {
            return $role;
        }

        return $defaultRole;
    });

    $container[GrEduLabs\Authorization\RouteGuard::class] = function ($c) {
        $role = call_user_func($c['current_role']);

        return new GrEduLabs\Authorization\RouteGuard($c[GrEduLabs\Authorization\Acl::class], $role);
    };

47
48
49
50
51
    $container[GrEduLabs\Authorization\Listener\RoleProvider::class] = function ($c) {
        return new GrEduLabs\Authorization\Listener\RoleProvider(
            $c['authentication_storage'],
            $c[GrEduLabs\Authorization\Acl::class]
        );
52
53
54
55
56
    };

    $events = $container['events'];

    $events('on', 'authenticate.success', function ($stop, $identity) use ($container) {
57
        $listener = $container[GrEduLabs\Authorization\Listener\RoleProvider::class];
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
        $listener($stop, $identity);
    });

    $events('on', 'bootstrap', function () use ($app, $container) {

        $container->extend('authentication_identity_class', function ($c) {
            return GrEduLabs\Authorization\Identity::class;
        });

        $container->extend(GrEduLabs\Application\Twig\Extension\Navigation::class, function ($navigation, $c) {
            return $navigation
                ->setAcl($c[GrEduLabs\Authorization\Acl::class])
                ->setCurrentRole(call_user_func($c['current_role']));
        });

        $app->add(GrEduLabs\Authorization\RouteGuard::class);
    });

};