ÿØÿàJFIFÿþ ÿÛC       ÿÛC ÿÀÿÄÿÄ"#QrÿÄÿÄ&1!A"2qQaáÿÚ ?Øy,æ/3JæݹÈ߲؋5êXw²±ÉyˆR”¾I0ó2—PI¾IÌÚiMö¯–þrìN&"KgX:Šíµ•nTJnLK„…@!‰-ý ùúmë;ºgµŒ&ó±hw’¯Õ@”Ü— 9ñ-ë.²1<yà‚¹ïQÐU„ہ?.’¦èûbß±©Ö«Âw*VŒ) `$‰bØԟ’ëXÖ-ËTÜíGÚ3ð«g Ÿ§¯—Jx„–’U/ÂÅv_s(Hÿ@TñJÑãõçn­‚!ÈgfbÓc­:él[ðQe 9ÀPLbÃãCµm[5¿ç'ªjglå‡Ûí_§Úõl-;"PkÞÞÁQâ¼_Ñ^¢SŸx?"¸¦ùY騐ÒOÈ q’`~~ÚtËU¹CڒêV  I1Áß_ÿÙ * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Security\Acl\Domain; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver; use Symfony\Component\Security\Core\Role\RoleHierarchyInterface; use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter; /** * Strategy for retrieving security identities * * @author Johannes M. Schmitt */ class SecurityIdentityRetrievalStrategy implements SecurityIdentityRetrievalStrategyInterface { private $roleHierarchy; private $authenticationTrustResolver; /** * Constructor * * @param RoleHierarchyInterface $roleHierarchy * @param AuthenticationTrustResolver $authenticationTrustResolver */ public function __construct(RoleHierarchyInterface $roleHierarchy, AuthenticationTrustResolver $authenticationTrustResolver) { $this->roleHierarchy = $roleHierarchy; $this->authenticationTrustResolver = $authenticationTrustResolver; } /** * {@inheritDoc} */ public function getSecurityIdentities(TokenInterface $token) { $sids = array(); // add user security identity if (!$token instanceof AnonymousToken) { try { $sids[] = UserSecurityIdentity::fromToken($token); } catch (\InvalidArgumentException $invalid) { // ignore, user has no user security identity } } // add all reachable roles foreach ($this->roleHierarchy->getReachableRoles($token->getRoles()) as $role) { $sids[] = new RoleSecurityIdentity($role); } // add built-in special roles if ($this->authenticationTrustResolver->isFullFledged($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_FULLY); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); } elseif ($this->authenticationTrustResolver->isRememberMe($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED); $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); } elseif ($this->authenticationTrustResolver->isAnonymous($token)) { $sids[] = new RoleSecurityIdentity(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY); } return $sids; } }