diff --git a/src/Authority/Authority.php b/src/Authority/Authority.php index f10dd31..c41ac88 100644 --- a/src/Authority/Authority.php +++ b/src/Authority/Authority.php @@ -108,43 +108,51 @@ public function cannot($action, $resource, $resourceValue = null) /** * Define privilege for a given action and resource * - * @param string $action Action for the rule - * @param mixed $resource Resource for the rule - * @param Closure|null $condition Optional condition for the rule - * @return Rule + * @param array|string $actions Action for the rule + * @param mixed $resource Resource for the rule + * @param Closure|null $condition Optional condition for the rule + * @return array|Rule */ - public function allow($action, $resource, $condition = null) + public function allow($actions, $resource, $condition = null) { - return $this->addRule(true, $action, $resource, $condition); + return $this->addRule(true, $actions, $resource, $condition); } /** * Define restriction for a given action and resource * - * @param string $action Action for the rule - * @param mixed $resource Resource for the rule - * @param Closure|null $condition Optional condition for the rule - * @return Rule + * @param array|string $actions Action for the rule + * @param mixed $resource Resource for the rule + * @param Closure|null $condition Optional condition for the rule + * @return array|Rule */ - public function deny($action, $resource, $condition = null) + public function deny($actions, $resource, $condition = null) { - return $this->addRule(false, $action, $resource, $condition); + return $this->addRule(false, $actions, $resource, $condition); } /** * Define rule for a given action and resource * - * @param boolean $allow True if privilege, false if restriction - * @param string $action Action for the rule - * @param mixed $resource Resource for the rule - * @param Closure|null $condition Optional condition for the rule - * @return Rule + * @param boolean $allow True if privilege, false if restriction + * @param array|string $actions Action for the rule + * @param mixed $resource Resource for the rule + * @param Closure|null $condition Optional condition for the rule + * @return array|Rule */ - public function addRule($allow, $action, $resource, $condition = null) + public function addRule($allow, $actions, $resource, $condition = null) { - $rule = new Rule($allow, $action, $resource, $condition); - $this->rules->add($rule); - return $rule; + $rules = array(); + + $actions = (array) $actions; + + foreach ($actions as $action) { + $rule = new Rule($allow, $action, $resource, $condition); + $this->rules->add($rule); + $rules[] = $rule; + } + + return count($rules) === 1 ? $rules[0] : $rules; } /** diff --git a/tests/AuthorityTest.php b/tests/AuthorityTest.php index ade79d8..f44b406 100644 --- a/tests/AuthorityTest.php +++ b/tests/AuthorityTest.php @@ -36,6 +36,18 @@ public function testCanStoreNewPrivilege() $this->assertTrue($rule->getBehavior()); } + public function testCanStoreMultiplePrivileges() + { + $rules = $this->auth->allow(array('read', 'create'), 'User'); + $this->assertCount(2, $this->auth->getRules()); + $this->assertCount(2, $rules); + + foreach ($rules as $rule) { + $this->assertContains($rule, $this->auth->getRules()); + $this->assertTrue($rule->getBehavior()); + } + } + public function testCanStoreNewRestriction() { $rule = $this->auth->deny('read', 'User'); @@ -44,6 +56,18 @@ public function testCanStoreNewRestriction() $this->assertFalse($rule->getBehavior()); } + public function testCanStoreMultipleRestrictions() + { + $rules = $this->auth->deny(array('read', 'create'), 'User'); + $this->assertCount(2, $this->auth->getRules()); + $this->assertCount(2, $rules); + + foreach ($rules as $rule) { + $this->assertContains($rule, $this->auth->getRules()); + $this->assertFalse($rule->getBehavior()); + } + } + public function testCanStoreNewAlias() { $alias = $this->auth->addAlias('manage', array('create', 'read', 'update', 'delete'));