261 lines
7.9 KiB
PHP
261 lines
7.9 KiB
PHP
<?php
|
|
|
|
/**
|
|
* LICENSE: The MIT License (the "License")
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
* https://github.com/azure/azure-storage-php/LICENSE
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
* PHP version 5
|
|
*
|
|
* @ignore
|
|
* @category Microsoft
|
|
* @package MicrosoftAzure\Storage\Common\Models
|
|
* @author Azure Storage PHP SDK <dmsh@microsoft.com>
|
|
* @copyright 2017 Microsoft Corporation
|
|
* @license https://github.com/azure/azure-storage-php/LICENSE
|
|
* @link https://github.com/azure/azure-storage-php
|
|
*/
|
|
|
|
namespace MicrosoftAzure\Storage\Common\Internal;
|
|
|
|
use MicrosoftAzure\Storage\Common\Models\AccessPolicy;
|
|
use MicrosoftAzure\Storage\Common\Models\SignedIdentifier;
|
|
use MicrosoftAzure\Storage\Common\Internal\Serialization\XmlSerializer;
|
|
|
|
/**
|
|
* Provide base class for service ACLs.
|
|
*
|
|
* @category Microsoft
|
|
* @package MicrosoftAzure\Storage\Common\Models
|
|
* @author Azure Storage PHP SDK <dmsh@microsoft.com>
|
|
* @copyright 2017 Microsoft Corporation
|
|
* @license https://github.com/azure/azure-storage-php/LICENSE
|
|
* @link https://github.com/azure/azure-storage-php
|
|
*/
|
|
abstract class ACLBase
|
|
{
|
|
private $signedIdentifiers = array();
|
|
private $resourceType = '';
|
|
|
|
/**
|
|
* Create an AccessPolicy object by resource type.
|
|
*
|
|
* @return AccessPolicy
|
|
*/
|
|
abstract protected static function createAccessPolicy();
|
|
|
|
/**
|
|
* Validate if the resource type for the class.
|
|
*
|
|
* @param string $resourceType the resource type to be validated.
|
|
*
|
|
* @throws \InvalidArgumentException
|
|
*
|
|
* @internal
|
|
*
|
|
* @return void
|
|
*/
|
|
abstract protected static function validateResourceType($resourceType);
|
|
|
|
/**
|
|
* Converts signed identifiers to array representation for XML serialization
|
|
*
|
|
* @internal
|
|
*
|
|
* @return array
|
|
*/
|
|
public function toArray()
|
|
{
|
|
$array = array();
|
|
|
|
foreach ($this->getSignedIdentifiers() as $value) {
|
|
$array[] = $value->toArray();
|
|
}
|
|
|
|
return $array;
|
|
}
|
|
|
|
/**
|
|
* Converts this signed identifiers to XML representation.
|
|
*
|
|
* @param XmlSerializer $xmlSerializer The XML serializer.
|
|
*
|
|
* @internal
|
|
*
|
|
* @return string
|
|
*/
|
|
public function toXml(XmlSerializer $serializer)
|
|
{
|
|
$properties = array(
|
|
XmlSerializer::DEFAULT_TAG => Resources::XTAG_SIGNED_IDENTIFIER,
|
|
XmlSerializer::ROOT_NAME => Resources::XTAG_SIGNED_IDENTIFIERS
|
|
);
|
|
|
|
return $serializer->serialize($this->toArray(), $properties);
|
|
}
|
|
|
|
/**
|
|
* Construct the signed identifiers from a given parsed XML in array
|
|
* representation.
|
|
*
|
|
* @param array|null $parsed The parsed XML into array representation.
|
|
*
|
|
* @internal
|
|
*
|
|
* @return void
|
|
*/
|
|
public function fromXmlArray(array $parsed = null)
|
|
{
|
|
$this->setSignedIdentifiers(array());
|
|
|
|
// Initialize signed identifiers.
|
|
if (!empty($parsed) &&
|
|
is_array($parsed[Resources::XTAG_SIGNED_IDENTIFIER])
|
|
) {
|
|
$entries = $parsed[Resources::XTAG_SIGNED_IDENTIFIER];
|
|
$temp = Utilities::getArray($entries);
|
|
|
|
foreach ($temp as $value) {
|
|
$accessPolicy = $value[Resources::XTAG_ACCESS_POLICY];
|
|
$startString = urldecode(
|
|
$accessPolicy[Resources::XTAG_SIGNED_START]
|
|
);
|
|
$expiryString = urldecode(
|
|
$accessPolicy[Resources::XTAG_SIGNED_EXPIRY]
|
|
);
|
|
$start = Utilities::convertToDateTime($startString);
|
|
$expiry = Utilities::convertToDateTime($expiryString);
|
|
$permission = $accessPolicy[Resources::XTAG_SIGNED_PERMISSION];
|
|
$id = $value[Resources::XTAG_SIGNED_ID];
|
|
$this->addSignedIdentifier($id, $start, $expiry, $permission);
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Gets the type of resource this ACL relate to.
|
|
*
|
|
* @internal
|
|
*
|
|
* @return string
|
|
*/
|
|
protected function getResourceType()
|
|
{
|
|
return $this->resourceType;
|
|
}
|
|
|
|
/**
|
|
* Set the type of resource this ACL relate to.
|
|
*
|
|
* @internal
|
|
*
|
|
* @return void
|
|
*/
|
|
protected function setResourceType($resourceType)
|
|
{
|
|
static::validateResourceType($resourceType);
|
|
$this->resourceType = $resourceType;
|
|
}
|
|
|
|
/**
|
|
* Add a signed identifier to the ACL.
|
|
*
|
|
* @param string $id A unique id for this signed identifier.
|
|
* @param \DateTime $start The time at which the Shared Access
|
|
* Signature becomes valid. If omitted, start
|
|
* time for this call is assumed to be the
|
|
* time when the service receives the
|
|
* request.
|
|
* @param \DateTime $expiry The time at which the Shared Access
|
|
* Signature becomes invalid.
|
|
* @param string $permissions The permissions associated with the Shared
|
|
* Access Signature. The user is restricted to
|
|
* operations allowed by the permissions.
|
|
*
|
|
* @return void
|
|
*
|
|
* @see https://docs.microsoft.com/en-us/rest/api/storageservices/fileservices/establishing-a-stored-access-policy
|
|
*/
|
|
public function addSignedIdentifier(
|
|
$id,
|
|
\DateTime $start,
|
|
\DateTime $expiry,
|
|
$permissions
|
|
) {
|
|
Validate::canCastAsString($id, 'id');
|
|
if ($start != null) {
|
|
Validate::isDate($start);
|
|
}
|
|
Validate::isDate($expiry);
|
|
Validate::canCastAsString($permissions, 'permissions');
|
|
|
|
$accessPolicy = static::createAccessPolicy();
|
|
$accessPolicy->setStart($start);
|
|
$accessPolicy->setExpiry($expiry);
|
|
$accessPolicy->setPermission($permissions);
|
|
|
|
$signedIdentifier = new SignedIdentifier();
|
|
$signedIdentifier->setId($id);
|
|
$signedIdentifier->setAccessPolicy($accessPolicy);
|
|
|
|
// Remove the signed identifier with the same ID.
|
|
$this->removeSignedIdentifier($id);
|
|
|
|
// There can be no more than 5 signed identifiers at the same time.
|
|
Validate::isTrue(
|
|
count($this->getSignedIdentifiers()) < 5,
|
|
Resources::ERROR_TOO_MANY_SIGNED_IDENTIFIERS
|
|
);
|
|
|
|
$this->signedIdentifiers[] = $signedIdentifier;
|
|
}
|
|
|
|
/**
|
|
* Remove the signed identifier with given ID.
|
|
*
|
|
* @param string $id The ID of the signed identifier to be removed.
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public function removeSignedIdentifier($id)
|
|
{
|
|
Validate::canCastAsString($id, 'id');
|
|
//var_dump($this->signedIdentifiers);
|
|
for ($i = 0; $i < count($this->signedIdentifiers); ++$i) {
|
|
if ($this->signedIdentifiers[$i]->getId() == $id) {
|
|
array_splice($this->signedIdentifiers, $i, 1);
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Gets signed identifiers.
|
|
*
|
|
* @return array
|
|
*/
|
|
public function getSignedIdentifiers()
|
|
{
|
|
return $this->signedIdentifiers;
|
|
}
|
|
|
|
public function setSignedIdentifiers(array $signedIdentifiers)
|
|
{
|
|
// There can be no more than 5 signed identifiers at the same time.
|
|
Validate::isTrue(
|
|
count($signedIdentifiers) <= 5,
|
|
Resources::ERROR_TOO_MANY_SIGNED_IDENTIFIERS
|
|
);
|
|
$this->signedIdentifiers = $signedIdentifiers;
|
|
}
|
|
}
|