Revert "Avoid totally rewriting of AccessRule::matchRole #380"

This reverts commit 78bd5f9.

CHANGELOG.md

@@ -1,7 +1,6 @@
 # CHANGELOG
 
 ## work in progress
- - Fix #380: Avoid rewriting AccessRule::matchRole (maxxer)
  - Fix #378: Add module attribute 'disableIpLogging' (jkmssoft)
 
 ## 1.5.1 April 5, 2020

src/User/Filter/AccessRuleFilter.php

@@ -48,21 +48,38 @@ public function allows($action, $user, $request)
 
     /**
      * {@inheritdoc}
-     **/
+     * */
     protected function matchRole($user)
     {
         if (empty($this->roles)) {
-            return parent::matchRole($user);
+            return true;
         }
 
-        // We just check our custom role "admin" otherwise call back the original implementation
-        if (!in_array("admin", $this->roles)) {
-            return parent::matchRole($user);
-        }
-        /** @var User $identity */
-        $identity = $user->getIdentity();
-        if (!$user->getIsGuest() && $identity->getIsAdmin()) {
-            return true;
+        foreach ($this->roles as $role) {
+            if ($role === '?') {
+                if ($user->getIsGuest()) {
+                    return true;
+                }
+            } elseif ($role === '@') {
+                if (!$user->getIsGuest()) {
+                    return true;
+                }
+            } elseif ($role === 'admin') {
+                /** @var User $identity */
+                $identity = $user->getIdentity();
+
+                if (!$user->getIsGuest() && $identity->getIsAdmin()) {
+                    return true;
+                }
+            } else {
+                $roleParams = $this->roleParams instanceof Closure
+                    ? call_user_func($this->roleParams, $this)
+                    : $this->roleParams;
+
+                if ($user->can($role, $roleParams)) {
+                    return true;
+                }
+            }
         }
 
         return false;