| author | Raphael Velt <raph.velt@gmail.com> |
| Wed, 02 May 2012 19:19:51 +0200 | |
| changeset 597 | 07ab28bca482 |
| parent 207 | 621fa6caec0c |
| child 807 | 877f952ae2bd |
| permissions | -rw-r--r-- |
|
0
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1 |
<?php |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
2 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
3 |
* Zend Framework |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
4 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
5 |
* LICENSE |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
6 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
7 |
* This source file is subject to the new BSD license that is bundled |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
8 |
* with this package in the file LICENSE.txt. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
9 |
* It is also available through the world-wide-web at this URL: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
10 |
* http://framework.zend.com/license/new-bsd |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
11 |
* If you did not receive a copy of the license and are unable to |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
12 |
* obtain it through the world-wide-web, please send an email |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
13 |
* to license@zend.com so we can send you a copy immediately. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
14 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
15 |
* @category Zend |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
16 |
* @package Zend_Acl |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
17 |
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
18 |
* @license http://framework.zend.com/license/new-bsd New BSD License |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
19 |
* @version $Id: Acl.php 23358 2010-11-18 16:19:31Z ralph $ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
20 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
21 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
22 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
23 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
24 |
* @see Zend_Acl_Resource_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
25 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
26 |
require_once 'Zend/Acl/Resource/Interface.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
27 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
28 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
29 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
30 |
* @see Zend_Acl_Role_Registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
31 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
32 |
require_once 'Zend/Acl/Role/Registry.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
33 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
34 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
35 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
36 |
* @see Zend_Acl_Assert_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
37 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
38 |
require_once 'Zend/Acl/Assert/Interface.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
39 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
40 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
41 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
42 |
* @see Zend_Acl_Role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
43 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
44 |
require_once 'Zend/Acl/Role.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
45 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
46 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
47 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
48 |
* @see Zend_Acl_Resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
49 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
50 |
require_once 'Zend/Acl/Resource.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
51 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
52 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
53 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
54 |
* @category Zend |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
55 |
* @package Zend_Acl |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
56 |
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
57 |
* @license http://framework.zend.com/license/new-bsd New BSD License |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
58 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
59 |
class Zend_Acl |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
60 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
61 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
62 |
* Rule type: allow |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
63 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
64 |
const TYPE_ALLOW = 'TYPE_ALLOW'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
65 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
66 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
67 |
* Rule type: deny |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
68 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
69 |
const TYPE_DENY = 'TYPE_DENY'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
70 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
71 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
72 |
* Rule operation: add |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
73 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
74 |
const OP_ADD = 'OP_ADD'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
75 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
76 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
77 |
* Rule operation: remove |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
78 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
79 |
const OP_REMOVE = 'OP_REMOVE'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
80 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
81 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
82 |
* Role registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
83 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
84 |
* @var Zend_Acl_Role_Registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
85 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
86 |
protected $_roleRegistry = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
87 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
88 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
89 |
* Resource tree |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
90 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
91 |
* @var array |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
92 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
93 |
protected $_resources = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
94 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
95 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
96 |
* @var Zend_Acl_Role_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
97 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
98 |
protected $_isAllowedRole = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
99 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
100 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
101 |
* @var Zend_Acl_Resource_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
102 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
103 |
protected $_isAllowedResource = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
104 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
105 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
106 |
* @var String |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
107 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
108 |
protected $_isAllowedPrivilege = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
109 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
110 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
111 |
* ACL rules; whitelist (deny everything to all) by default |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
112 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
113 |
* @var array |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
114 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
115 |
protected $_rules = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
116 |
'allResources' => array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
117 |
'allRoles' => array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
118 |
'allPrivileges' => array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
119 |
'type' => self::TYPE_DENY, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
120 |
'assert' => null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
121 |
), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
122 |
'byPrivilegeId' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
123 |
), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
124 |
'byRoleId' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
125 |
), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
126 |
'byResourceId' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
127 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
128 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
129 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
130 |
* Adds a Role having an identifier unique to the registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
131 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
132 |
* The $parents parameter may be a reference to, or the string identifier for, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
133 |
* a Role existing in the registry, or $parents may be passed as an array of |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
134 |
* these - mixing string identifiers and objects is ok - to indicate the Roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
135 |
* from which the newly added Role will directly inherit. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
136 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
137 |
* In order to resolve potential ambiguities with conflicting rules inherited |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
138 |
* from different parents, the most recently added parent takes precedence over |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
139 |
* parents that were previously added. In other words, the first parent added |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
140 |
* will have the least priority, and the last parent added will have the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
141 |
* highest priority. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
142 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
143 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
144 |
* @param Zend_Acl_Role_Interface|string|array $parents |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
145 |
* @uses Zend_Acl_Role_Registry::add() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
146 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
147 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
148 |
public function addRole($role, $parents = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
149 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
150 |
if (is_string($role)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
151 |
$role = new Zend_Acl_Role($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
152 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
153 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
154 |
if (!$role instanceof Zend_Acl_Role_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
155 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
156 |
throw new Zend_Acl_Exception('addRole() expects $role to be of type Zend_Acl_Role_Interface'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
157 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
158 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
159 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
160 |
$this->_getRoleRegistry()->add($role, $parents); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
161 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
162 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
163 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
164 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
165 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
166 |
* Returns the identified Role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
167 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
168 |
* The $role parameter can either be a Role or Role identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
169 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
170 |
* @param Zend_Acl_Role_Interface|string $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
171 |
* @uses Zend_Acl_Role_Registry::get() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
172 |
* @return Zend_Acl_Role_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
173 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
174 |
public function getRole($role) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
175 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
176 |
return $this->_getRoleRegistry()->get($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
177 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
178 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
179 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
180 |
* Returns true if and only if the Role exists in the registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
181 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
182 |
* The $role parameter can either be a Role or a Role identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
183 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
184 |
* @param Zend_Acl_Role_Interface|string $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
185 |
* @uses Zend_Acl_Role_Registry::has() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
186 |
* @return boolean |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
187 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
188 |
public function hasRole($role) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
189 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
190 |
return $this->_getRoleRegistry()->has($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
191 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
192 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
193 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
194 |
* Returns true if and only if $role inherits from $inherit |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
195 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
196 |
* Both parameters may be either a Role or a Role identifier. If |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
197 |
* $onlyParents is true, then $role must inherit directly from |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
198 |
* $inherit in order to return true. By default, this method looks |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
199 |
* through the entire inheritance DAG to determine whether $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
200 |
* inherits from $inherit through its ancestor Roles. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
201 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
202 |
* @param Zend_Acl_Role_Interface|string $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
203 |
* @param Zend_Acl_Role_Interface|string $inherit |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
204 |
* @param boolean $onlyParents |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
205 |
* @uses Zend_Acl_Role_Registry::inherits() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
206 |
* @return boolean |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
207 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
208 |
public function inheritsRole($role, $inherit, $onlyParents = false) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
209 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
210 |
return $this->_getRoleRegistry()->inherits($role, $inherit, $onlyParents); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
211 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
212 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
213 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
214 |
* Removes the Role from the registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
215 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
216 |
* The $role parameter can either be a Role or a Role identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
217 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
218 |
* @param Zend_Acl_Role_Interface|string $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
219 |
* @uses Zend_Acl_Role_Registry::remove() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
220 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
221 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
222 |
public function removeRole($role) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
223 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
224 |
$this->_getRoleRegistry()->remove($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
225 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
226 |
if ($role instanceof Zend_Acl_Role_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
227 |
$roleId = $role->getRoleId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
228 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
229 |
$roleId = $role; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
230 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
231 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
232 |
foreach ($this->_rules['allResources']['byRoleId'] as $roleIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
233 |
if ($roleId === $roleIdCurrent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
234 |
unset($this->_rules['allResources']['byRoleId'][$roleIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
235 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
236 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
237 |
foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $visitor) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
238 |
if (array_key_exists('byRoleId', $visitor)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
239 |
foreach ($visitor['byRoleId'] as $roleIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
240 |
if ($roleId === $roleIdCurrent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
241 |
unset($this->_rules['byResourceId'][$resourceIdCurrent]['byRoleId'][$roleIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
242 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
243 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
244 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
245 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
246 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
247 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
248 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
249 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
250 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
251 |
* Removes all Roles from the registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
252 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
253 |
* @uses Zend_Acl_Role_Registry::removeAll() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
254 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
255 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
256 |
public function removeRoleAll() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
257 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
258 |
$this->_getRoleRegistry()->removeAll(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
259 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
260 |
foreach ($this->_rules['allResources']['byRoleId'] as $roleIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
261 |
unset($this->_rules['allResources']['byRoleId'][$roleIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
262 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
263 |
foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $visitor) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
264 |
foreach ($visitor['byRoleId'] as $roleIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
265 |
unset($this->_rules['byResourceId'][$resourceIdCurrent]['byRoleId'][$roleIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
266 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
267 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
268 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
269 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
270 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
271 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
272 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
273 |
* Adds a Resource having an identifier unique to the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
274 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
275 |
* The $parent parameter may be a reference to, or the string identifier for, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
276 |
* the existing Resource from which the newly added Resource will inherit. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
277 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
278 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
279 |
* @param Zend_Acl_Resource_Interface|string $parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
280 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
281 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
282 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
283 |
public function addResource($resource, $parent = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
284 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
285 |
if (is_string($resource)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
286 |
$resource = new Zend_Acl_Resource($resource); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
287 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
288 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
289 |
if (!$resource instanceof Zend_Acl_Resource_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
290 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
291 |
throw new Zend_Acl_Exception('addResource() expects $resource to be of type Zend_Acl_Resource_Interface'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
292 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
293 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
294 |
$resourceId = $resource->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
295 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
296 |
if ($this->has($resourceId)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
297 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
298 |
throw new Zend_Acl_Exception("Resource id '$resourceId' already exists in the ACL"); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
299 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
300 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
301 |
$resourceParent = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
302 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
303 |
if (null !== $parent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
304 |
try { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
305 |
if ($parent instanceof Zend_Acl_Resource_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
306 |
$resourceParentId = $parent->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
307 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
308 |
$resourceParentId = $parent; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
309 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
310 |
$resourceParent = $this->get($resourceParentId); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
311 |
} catch (Zend_Acl_Exception $e) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
312 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
313 |
throw new Zend_Acl_Exception("Parent Resource id '$resourceParentId' does not exist", 0, $e); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
314 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
315 |
$this->_resources[$resourceParentId]['children'][$resourceId] = $resource; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
316 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
317 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
318 |
$this->_resources[$resourceId] = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
319 |
'instance' => $resource, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
320 |
'parent' => $resourceParent, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
321 |
'children' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
322 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
323 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
324 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
325 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
326 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
327 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
328 |
* Adds a Resource having an identifier unique to the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
329 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
330 |
* The $parent parameter may be a reference to, or the string identifier for, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
331 |
* the existing Resource from which the newly added Resource will inherit. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
332 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
333 |
* @deprecated in version 1.9.1 and will be available till 2.0. New code |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
334 |
* should use addResource() instead. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
335 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
336 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
337 |
* @param Zend_Acl_Resource_Interface|string $parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
338 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
339 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
340 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
341 |
public function add(Zend_Acl_Resource_Interface $resource, $parent = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
342 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
343 |
return $this->addResource($resource, $parent); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
344 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
345 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
346 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
347 |
* Returns the identified Resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
348 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
349 |
* The $resource parameter can either be a Resource or a Resource identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
350 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
351 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
352 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
353 |
* @return Zend_Acl_Resource_Interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
354 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
355 |
public function get($resource) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
356 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
357 |
if ($resource instanceof Zend_Acl_Resource_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
358 |
$resourceId = $resource->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
359 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
360 |
$resourceId = (string) $resource; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
361 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
362 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
363 |
if (!$this->has($resource)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
364 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
365 |
throw new Zend_Acl_Exception("Resource '$resourceId' not found"); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
366 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
367 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
368 |
return $this->_resources[$resourceId]['instance']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
369 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
370 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
371 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
372 |
* Returns true if and only if the Resource exists in the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
373 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
374 |
* The $resource parameter can either be a Resource or a Resource identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
375 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
376 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
377 |
* @return boolean |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
378 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
379 |
public function has($resource) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
380 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
381 |
if ($resource instanceof Zend_Acl_Resource_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
382 |
$resourceId = $resource->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
383 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
384 |
$resourceId = (string) $resource; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
385 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
386 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
387 |
return isset($this->_resources[$resourceId]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
388 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
389 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
390 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
391 |
* Returns true if and only if $resource inherits from $inherit |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
392 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
393 |
* Both parameters may be either a Resource or a Resource identifier. If |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
394 |
* $onlyParent is true, then $resource must inherit directly from |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
395 |
* $inherit in order to return true. By default, this method looks |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
396 |
* through the entire inheritance tree to determine whether $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
397 |
* inherits from $inherit through its ancestor Resources. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
398 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
399 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
400 |
* @param Zend_Acl_Resource_Interface|string $inherit |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
401 |
* @param boolean $onlyParent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
402 |
* @throws Zend_Acl_Resource_Registry_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
403 |
* @return boolean |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
404 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
405 |
public function inherits($resource, $inherit, $onlyParent = false) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
406 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
407 |
try { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
408 |
$resourceId = $this->get($resource)->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
409 |
$inheritId = $this->get($inherit)->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
410 |
} catch (Zend_Acl_Exception $e) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
411 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
412 |
throw new Zend_Acl_Exception($e->getMessage(), $e->getCode(), $e); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
413 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
414 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
415 |
if (null !== $this->_resources[$resourceId]['parent']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
416 |
$parentId = $this->_resources[$resourceId]['parent']->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
417 |
if ($inheritId === $parentId) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
418 |
return true; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
419 |
} else if ($onlyParent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
420 |
return false; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
421 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
422 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
423 |
return false; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
424 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
425 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
426 |
while (null !== $this->_resources[$parentId]['parent']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
427 |
$parentId = $this->_resources[$parentId]['parent']->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
428 |
if ($inheritId === $parentId) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
429 |
return true; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
430 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
431 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
432 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
433 |
return false; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
434 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
435 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
436 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
437 |
* Removes a Resource and all of its children |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
438 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
439 |
* The $resource parameter can either be a Resource or a Resource identifier. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
440 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
441 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
442 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
443 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
444 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
445 |
public function remove($resource) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
446 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
447 |
try { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
448 |
$resourceId = $this->get($resource)->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
449 |
} catch (Zend_Acl_Exception $e) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
450 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
451 |
throw new Zend_Acl_Exception($e->getMessage(), $e->getCode(), $e); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
452 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
453 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
454 |
$resourcesRemoved = array($resourceId); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
455 |
if (null !== ($resourceParent = $this->_resources[$resourceId]['parent'])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
456 |
unset($this->_resources[$resourceParent->getResourceId()]['children'][$resourceId]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
457 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
458 |
foreach ($this->_resources[$resourceId]['children'] as $childId => $child) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
459 |
$this->remove($childId); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
460 |
$resourcesRemoved[] = $childId; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
461 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
462 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
463 |
foreach ($resourcesRemoved as $resourceIdRemoved) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
464 |
foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
465 |
if ($resourceIdRemoved === $resourceIdCurrent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
466 |
unset($this->_rules['byResourceId'][$resourceIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
467 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
468 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
469 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
470 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
471 |
unset($this->_resources[$resourceId]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
472 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
473 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
474 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
475 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
476 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
477 |
* Removes all Resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
478 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
479 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
480 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
481 |
public function removeAll() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
482 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
483 |
foreach ($this->_resources as $resourceId => $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
484 |
foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
485 |
if ($resourceId === $resourceIdCurrent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
486 |
unset($this->_rules['byResourceId'][$resourceIdCurrent]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
487 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
488 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
489 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
490 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
491 |
$this->_resources = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
492 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
493 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
494 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
495 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
496 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
497 |
* Adds an "allow" rule to the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
498 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
499 |
* @param Zend_Acl_Role_Interface|string|array $roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
500 |
* @param Zend_Acl_Resource_Interface|string|array $resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
501 |
* @param string|array $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
502 |
* @param Zend_Acl_Assert_Interface $assert |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
503 |
* @uses Zend_Acl::setRule() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
504 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
505 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
506 |
public function allow($roles = null, $resources = null, $privileges = null, Zend_Acl_Assert_Interface $assert = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
507 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
508 |
return $this->setRule(self::OP_ADD, self::TYPE_ALLOW, $roles, $resources, $privileges, $assert); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
509 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
510 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
511 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
512 |
* Adds a "deny" rule to the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
513 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
514 |
* @param Zend_Acl_Role_Interface|string|array $roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
515 |
* @param Zend_Acl_Resource_Interface|string|array $resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
516 |
* @param string|array $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
517 |
* @param Zend_Acl_Assert_Interface $assert |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
518 |
* @uses Zend_Acl::setRule() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
519 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
520 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
521 |
public function deny($roles = null, $resources = null, $privileges = null, Zend_Acl_Assert_Interface $assert = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
522 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
523 |
return $this->setRule(self::OP_ADD, self::TYPE_DENY, $roles, $resources, $privileges, $assert); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
524 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
525 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
526 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
527 |
* Removes "allow" permissions from the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
528 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
529 |
* @param Zend_Acl_Role_Interface|string|array $roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
530 |
* @param Zend_Acl_Resource_Interface|string|array $resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
531 |
* @param string|array $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
532 |
* @uses Zend_Acl::setRule() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
533 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
534 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
535 |
public function removeAllow($roles = null, $resources = null, $privileges = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
536 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
537 |
return $this->setRule(self::OP_REMOVE, self::TYPE_ALLOW, $roles, $resources, $privileges); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
538 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
539 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
540 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
541 |
* Removes "deny" restrictions from the ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
542 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
543 |
* @param Zend_Acl_Role_Interface|string|array $roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
544 |
* @param Zend_Acl_Resource_Interface|string|array $resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
545 |
* @param string|array $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
546 |
* @uses Zend_Acl::setRule() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
547 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
548 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
549 |
public function removeDeny($roles = null, $resources = null, $privileges = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
550 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
551 |
return $this->setRule(self::OP_REMOVE, self::TYPE_DENY, $roles, $resources, $privileges); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
552 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
553 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
554 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
555 |
* Performs operations on ACL rules |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
556 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
557 |
* The $operation parameter may be either OP_ADD or OP_REMOVE, depending on whether the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
558 |
* user wants to add or remove a rule, respectively: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
559 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
560 |
* OP_ADD specifics: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
561 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
562 |
* A rule is added that would allow one or more Roles access to [certain $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
563 |
* upon] the specified Resource(s). |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
564 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
565 |
* OP_REMOVE specifics: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
566 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
567 |
* The rule is removed only in the context of the given Roles, Resources, and privileges. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
568 |
* Existing rules to which the remove operation does not apply would remain in the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
569 |
* ACL. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
570 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
571 |
* The $type parameter may be either TYPE_ALLOW or TYPE_DENY, depending on whether the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
572 |
* rule is intended to allow or deny permission, respectively. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
573 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
574 |
* The $roles and $resources parameters may be references to, or the string identifiers for, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
575 |
* existing Resources/Roles, or they may be passed as arrays of these - mixing string identifiers |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
576 |
* and objects is ok - to indicate the Resources and Roles to which the rule applies. If either |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
577 |
* $roles or $resources is null, then the rule applies to all Roles or all Resources, respectively. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
578 |
* Both may be null in order to work with the default rule of the ACL. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
579 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
580 |
* The $privileges parameter may be used to further specify that the rule applies only |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
581 |
* to certain privileges upon the Resource(s) in question. This may be specified to be a single |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
582 |
* privilege with a string, and multiple privileges may be specified as an array of strings. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
583 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
584 |
* If $assert is provided, then its assert() method must return true in order for |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
585 |
* the rule to apply. If $assert is provided with $roles, $resources, and $privileges all |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
586 |
* equal to null, then a rule having a type of: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
587 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
588 |
* TYPE_ALLOW will imply a type of TYPE_DENY, and |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
589 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
590 |
* TYPE_DENY will imply a type of TYPE_ALLOW |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
591 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
592 |
* when the rule's assertion fails. This is because the ACL needs to provide expected |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
593 |
* behavior when an assertion upon the default ACL rule fails. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
594 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
595 |
* @param string $operation |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
596 |
* @param string $type |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
597 |
* @param Zend_Acl_Role_Interface|string|array $roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
598 |
* @param Zend_Acl_Resource_Interface|string|array $resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
599 |
* @param string|array $privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
600 |
* @param Zend_Acl_Assert_Interface $assert |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
601 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
602 |
* @uses Zend_Acl_Role_Registry::get() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
603 |
* @uses Zend_Acl::get() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
604 |
* @return Zend_Acl Provides a fluent interface |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
605 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
606 |
public function setRule($operation, $type, $roles = null, $resources = null, $privileges = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
607 |
Zend_Acl_Assert_Interface $assert = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
608 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
609 |
// ensure that the rule type is valid; normalize input to uppercase |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
610 |
$type = strtoupper($type); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
611 |
if (self::TYPE_ALLOW !== $type && self::TYPE_DENY !== $type) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
612 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
613 |
throw new Zend_Acl_Exception("Unsupported rule type; must be either '" . self::TYPE_ALLOW . "' or '" |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
614 |
. self::TYPE_DENY . "'"); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
615 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
616 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
617 |
// ensure that all specified Roles exist; normalize input to array of Role objects or null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
618 |
if (!is_array($roles)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
619 |
$roles = array($roles); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
620 |
} else if (0 === count($roles)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
621 |
$roles = array(null); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
622 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
623 |
$rolesTemp = $roles; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
624 |
$roles = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
625 |
foreach ($rolesTemp as $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
626 |
if (null !== $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
627 |
$roles[] = $this->_getRoleRegistry()->get($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
628 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
629 |
$roles[] = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
630 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
631 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
632 |
unset($rolesTemp); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
633 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
634 |
// ensure that all specified Resources exist; normalize input to array of Resource objects or null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
635 |
if ($resources !== null) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
636 |
if (!is_array($resources)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
637 |
$resources = array($resources); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
638 |
} else if (0 === count($resources)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
639 |
$resources = array(null); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
640 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
641 |
$resourcesTemp = $resources; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
642 |
$resources = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
643 |
foreach ($resourcesTemp as $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
644 |
if (null !== $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
645 |
$resources[] = $this->get($resource); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
646 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
647 |
$resources[] = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
648 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
649 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
650 |
unset($resourcesTemp, $resource); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
651 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
652 |
$allResources = array(); // this might be used later if resource iteration is required |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
653 |
foreach ($this->_resources as $rTarget) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
654 |
$allResources[] = $rTarget['instance']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
655 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
656 |
unset($rTarget); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
657 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
658 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
659 |
// normalize privileges to array |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
660 |
if (null === $privileges) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
661 |
$privileges = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
662 |
} else if (!is_array($privileges)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
663 |
$privileges = array($privileges); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
664 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
665 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
666 |
switch ($operation) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
667 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
668 |
// add to the rules |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
669 |
case self::OP_ADD: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
670 |
if ($resources !== null) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
671 |
// this block will iterate the provided resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
672 |
foreach ($resources as $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
673 |
foreach ($roles as $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
674 |
$rules =& $this->_getRules($resource, $role, true); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
675 |
if (0 === count($privileges)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
676 |
$rules['allPrivileges']['type'] = $type; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
677 |
$rules['allPrivileges']['assert'] = $assert; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
678 |
if (!isset($rules['byPrivilegeId'])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
679 |
$rules['byPrivilegeId'] = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
680 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
681 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
682 |
foreach ($privileges as $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
683 |
$rules['byPrivilegeId'][$privilege]['type'] = $type; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
684 |
$rules['byPrivilegeId'][$privilege]['assert'] = $assert; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
685 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
686 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
687 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
688 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
689 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
690 |
// this block will apply to all resources in a global rule |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
691 |
foreach ($roles as $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
692 |
$rules =& $this->_getRules(null, $role, true); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
693 |
if (0 === count($privileges)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
694 |
$rules['allPrivileges']['type'] = $type; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
695 |
$rules['allPrivileges']['assert'] = $assert; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
696 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
697 |
foreach ($privileges as $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
698 |
$rules['byPrivilegeId'][$privilege]['type'] = $type; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
699 |
$rules['byPrivilegeId'][$privilege]['assert'] = $assert; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
700 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
701 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
702 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
703 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
704 |
break; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
705 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
706 |
// remove from the rules |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
707 |
case self::OP_REMOVE: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
708 |
if ($resources !== null) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
709 |
// this block will iterate the provided resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
710 |
foreach ($resources as $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
711 |
foreach ($roles as $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
712 |
$rules =& $this->_getRules($resource, $role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
713 |
if (null === $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
714 |
continue; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
715 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
716 |
if (0 === count($privileges)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
717 |
if (null === $resource && null === $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
718 |
if ($type === $rules['allPrivileges']['type']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
719 |
$rules = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
720 |
'allPrivileges' => array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
721 |
'type' => self::TYPE_DENY, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
722 |
'assert' => null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
723 |
), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
724 |
'byPrivilegeId' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
725 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
726 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
727 |
continue; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
728 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
729 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
730 |
if (isset($rules['allPrivileges']['type']) && |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
731 |
$type === $rules['allPrivileges']['type']) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
732 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
733 |
unset($rules['allPrivileges']); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
734 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
735 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
736 |
foreach ($privileges as $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
737 |
if (isset($rules['byPrivilegeId'][$privilege]) && |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
738 |
$type === $rules['byPrivilegeId'][$privilege]['type']) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
739 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
740 |
unset($rules['byPrivilegeId'][$privilege]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
741 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
742 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
743 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
744 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
745 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
746 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
747 |
// this block will apply to all resources in a global rule |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
748 |
foreach ($roles as $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
749 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
750 |
* since null (all resources) was passed to this setRule() call, we need |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
751 |
* clean up all the rules for the global allResources, as well as the indivually |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
752 |
* set resources (per privilege as well) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
753 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
754 |
foreach (array_merge(array(null), $allResources) as $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
755 |
$rules =& $this->_getRules($resource, $role, true); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
756 |
if (null === $rules) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
757 |
continue; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
758 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
759 |
if (0 === count($privileges)) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
760 |
if (null === $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
761 |
if ($type === $rules['allPrivileges']['type']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
762 |
$rules = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
763 |
'allPrivileges' => array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
764 |
'type' => self::TYPE_DENY, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
765 |
'assert' => null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
766 |
), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
767 |
'byPrivilegeId' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
768 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
769 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
770 |
continue; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
771 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
772 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
773 |
if (isset($rules['allPrivileges']['type']) && $type === $rules['allPrivileges']['type']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
774 |
unset($rules['allPrivileges']); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
775 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
776 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
777 |
foreach ($privileges as $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
778 |
if (isset($rules['byPrivilegeId'][$privilege]) && |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
779 |
$type === $rules['byPrivilegeId'][$privilege]['type']) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
780 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
781 |
unset($rules['byPrivilegeId'][$privilege]); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
782 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
783 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
784 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
785 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
786 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
787 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
788 |
break; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
789 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
790 |
default: |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
791 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
792 |
throw new Zend_Acl_Exception("Unsupported operation; must be either '" . self::OP_ADD . "' or '" |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
793 |
. self::OP_REMOVE . "'"); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
794 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
795 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
796 |
return $this; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
797 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
798 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
799 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
800 |
* Returns true if and only if the Role has access to the Resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
801 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
802 |
* The $role and $resource parameters may be references to, or the string identifiers for, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
803 |
* an existing Resource and Role combination. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
804 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
805 |
* If either $role or $resource is null, then the query applies to all Roles or all Resources, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
806 |
* respectively. Both may be null to query whether the ACL has a "blacklist" rule |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
807 |
* (allow everything to all). By default, Zend_Acl creates a "whitelist" rule (deny |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
808 |
* everything to all), and this method would return false unless this default has |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
809 |
* been overridden (i.e., by executing $acl->allow()). |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
810 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
811 |
* If a $privilege is not provided, then this method returns false if and only if the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
812 |
* Role is denied access to at least one privilege upon the Resource. In other words, this |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
813 |
* method returns true if and only if the Role is allowed all privileges on the Resource. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
814 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
815 |
* This method checks Role inheritance using a depth-first traversal of the Role registry. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
816 |
* The highest priority parent (i.e., the parent most recently added) is checked first, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
817 |
* and its respective parents are checked similarly before the lower-priority parents of |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
818 |
* the Role are checked. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
819 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
820 |
* @param Zend_Acl_Role_Interface|string $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
821 |
* @param Zend_Acl_Resource_Interface|string $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
822 |
* @param string $privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
823 |
* @uses Zend_Acl::get() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
824 |
* @uses Zend_Acl_Role_Registry::get() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
825 |
* @return boolean |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
826 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
827 |
public function isAllowed($role = null, $resource = null, $privilege = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
828 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
829 |
// reset role & resource to null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
830 |
$this->_isAllowedRole = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
831 |
$this->_isAllowedResource = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
832 |
$this->_isAllowedPrivilege = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
833 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
834 |
if (null !== $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
835 |
// keep track of originally called role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
836 |
$this->_isAllowedRole = $role; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
837 |
$role = $this->_getRoleRegistry()->get($role); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
838 |
if (!$this->_isAllowedRole instanceof Zend_Acl_Role_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
839 |
$this->_isAllowedRole = $role; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
840 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
841 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
842 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
843 |
if (null !== $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
844 |
// keep track of originally called resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
845 |
$this->_isAllowedResource = $resource; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
846 |
$resource = $this->get($resource); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
847 |
if (!$this->_isAllowedResource instanceof Zend_Acl_Resource_Interface) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
848 |
$this->_isAllowedResource = $resource; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
849 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
850 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
851 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
852 |
if (null === $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
853 |
// query on all privileges |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
854 |
do { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
855 |
// depth-first search on $role if it is not 'allRoles' pseudo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
856 |
if (null !== $role && null !== ($result = $this->_roleDFSAllPrivileges($role, $resource, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
857 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
858 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
859 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
860 |
// look for rule on 'allRoles' psuedo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
861 |
if (null !== ($rules = $this->_getRules($resource, null))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
862 |
foreach ($rules['byPrivilegeId'] as $privilege => $rule) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
863 |
if (self::TYPE_DENY === ($ruleTypeOnePrivilege = $this->_getRuleType($resource, null, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
864 |
return false; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
865 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
866 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
867 |
if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, null, null))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
868 |
return self::TYPE_ALLOW === $ruleTypeAllPrivileges; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
869 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
870 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
871 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
872 |
// try next Resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
873 |
$resource = $this->_resources[$resource->getResourceId()]['parent']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
874 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
875 |
} while (true); // loop terminates at 'allResources' pseudo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
876 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
877 |
$this->_isAllowedPrivilege = $privilege; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
878 |
// query on one privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
879 |
do { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
880 |
// depth-first search on $role if it is not 'allRoles' pseudo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
881 |
if (null !== $role && null !== ($result = $this->_roleDFSOnePrivilege($role, $resource, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
882 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
883 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
884 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
885 |
// look for rule on 'allRoles' pseudo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
886 |
if (null !== ($ruleType = $this->_getRuleType($resource, null, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
887 |
return self::TYPE_ALLOW === $ruleType; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
888 |
} else if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, null, null))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
889 |
return self::TYPE_ALLOW === $ruleTypeAllPrivileges; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
890 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
891 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
892 |
// try next Resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
893 |
$resource = $this->_resources[$resource->getResourceId()]['parent']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
894 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
895 |
} while (true); // loop terminates at 'allResources' pseudo-parent |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
896 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
897 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
898 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
899 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
900 |
* Returns the Role registry for this ACL |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
901 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
902 |
* If no Role registry has been created yet, a new default Role registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
903 |
* is created and returned. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
904 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
905 |
* @return Zend_Acl_Role_Registry |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
906 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
907 |
protected function _getRoleRegistry() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
908 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
909 |
if (null === $this->_roleRegistry) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
910 |
$this->_roleRegistry = new Zend_Acl_Role_Registry(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
911 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
912 |
return $this->_roleRegistry; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
913 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
914 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
915 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
916 |
* Performs a depth-first search of the Role DAG, starting at $role, in order to find a rule |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
917 |
* allowing/denying $role access to all privileges upon $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
918 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
919 |
* This method returns true if a rule is found and allows access. If a rule exists and denies access, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
920 |
* then this method returns false. If no applicable rule is found, then this method returns null. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
921 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
922 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
923 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
924 |
* @return boolean|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
925 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
926 |
protected function _roleDFSAllPrivileges(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
927 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
928 |
$dfs = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
929 |
'visited' => array(), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
930 |
'stack' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
931 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
932 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
933 |
if (null !== ($result = $this->_roleDFSVisitAllPrivileges($role, $resource, $dfs))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
934 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
935 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
936 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
937 |
while (null !== ($role = array_pop($dfs['stack']))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
938 |
if (!isset($dfs['visited'][$role->getRoleId()])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
939 |
if (null !== ($result = $this->_roleDFSVisitAllPrivileges($role, $resource, $dfs))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
940 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
941 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
942 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
943 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
944 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
945 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
946 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
947 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
948 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
949 |
* Visits an $role in order to look for a rule allowing/denying $role access to all privileges upon $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
950 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
951 |
* This method returns true if a rule is found and allows access. If a rule exists and denies access, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
952 |
* then this method returns false. If no applicable rule is found, then this method returns null. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
953 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
954 |
* This method is used by the internal depth-first search algorithm and may modify the DFS data structure. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
955 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
956 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
957 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
958 |
* @param array $dfs |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
959 |
* @return boolean|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
960 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
961 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
962 |
protected function _roleDFSVisitAllPrivileges(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
963 |
&$dfs = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
964 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
965 |
if (null === $dfs) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
966 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
967 |
* @see Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
968 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
969 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
970 |
throw new Zend_Acl_Exception('$dfs parameter may not be null'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
971 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
972 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
973 |
if (null !== ($rules = $this->_getRules($resource, $role))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
974 |
foreach ($rules['byPrivilegeId'] as $privilege => $rule) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
975 |
if (self::TYPE_DENY === ($ruleTypeOnePrivilege = $this->_getRuleType($resource, $role, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
976 |
return false; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
977 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
978 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
979 |
if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, $role, null))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
980 |
return self::TYPE_ALLOW === $ruleTypeAllPrivileges; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
981 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
982 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
983 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
984 |
$dfs['visited'][$role->getRoleId()] = true; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
985 |
foreach ($this->_getRoleRegistry()->getParents($role) as $roleParentId => $roleParent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
986 |
$dfs['stack'][] = $roleParent; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
987 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
988 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
989 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
990 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
991 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
992 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
993 |
* Performs a depth-first search of the Role DAG, starting at $role, in order to find a rule |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
994 |
* allowing/denying $role access to a $privilege upon $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
995 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
996 |
* This method returns true if a rule is found and allows access. If a rule exists and denies access, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
997 |
* then this method returns false. If no applicable rule is found, then this method returns null. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
998 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
999 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1000 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1001 |
* @param string $privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1002 |
* @return boolean|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1003 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1004 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1005 |
protected function _roleDFSOnePrivilege(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1006 |
$privilege = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1007 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1008 |
if (null === $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1009 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1010 |
* @see Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1011 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1012 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1013 |
throw new Zend_Acl_Exception('$privilege parameter may not be null'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1014 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1015 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1016 |
$dfs = array( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1017 |
'visited' => array(), |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1018 |
'stack' => array() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1019 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1020 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1021 |
if (null !== ($result = $this->_roleDFSVisitOnePrivilege($role, $resource, $privilege, $dfs))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1022 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1023 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1024 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1025 |
while (null !== ($role = array_pop($dfs['stack']))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1026 |
if (!isset($dfs['visited'][$role->getRoleId()])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1027 |
if (null !== ($result = $this->_roleDFSVisitOnePrivilege($role, $resource, $privilege, $dfs))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1028 |
return $result; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1029 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1030 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1031 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1032 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1033 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1034 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1035 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1036 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1037 |
* Visits an $role in order to look for a rule allowing/denying $role access to a $privilege upon $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1038 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1039 |
* This method returns true if a rule is found and allows access. If a rule exists and denies access, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1040 |
* then this method returns false. If no applicable rule is found, then this method returns null. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1041 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1042 |
* This method is used by the internal depth-first search algorithm and may modify the DFS data structure. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1043 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1044 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1045 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1046 |
* @param string $privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1047 |
* @param array $dfs |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1048 |
* @return boolean|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1049 |
* @throws Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1050 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1051 |
protected function _roleDFSVisitOnePrivilege(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1052 |
$privilege = null, &$dfs = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1053 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1054 |
if (null === $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1055 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1056 |
* @see Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1057 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1058 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1059 |
throw new Zend_Acl_Exception('$privilege parameter may not be null'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1060 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1061 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1062 |
if (null === $dfs) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1063 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1064 |
* @see Zend_Acl_Exception |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1065 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1066 |
require_once 'Zend/Acl/Exception.php'; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1067 |
throw new Zend_Acl_Exception('$dfs parameter may not be null'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1068 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1069 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1070 |
if (null !== ($ruleTypeOnePrivilege = $this->_getRuleType($resource, $role, $privilege))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1071 |
return self::TYPE_ALLOW === $ruleTypeOnePrivilege; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1072 |
} else if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, $role, null))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1073 |
return self::TYPE_ALLOW === $ruleTypeAllPrivileges; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1074 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1075 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1076 |
$dfs['visited'][$role->getRoleId()] = true; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1077 |
foreach ($this->_getRoleRegistry()->getParents($role) as $roleParentId => $roleParent) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1078 |
$dfs['stack'][] = $roleParent; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1079 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1080 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1081 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1082 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1083 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1084 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1085 |
* Returns the rule type associated with the specified Resource, Role, and privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1086 |
* combination. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1087 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1088 |
* If a rule does not exist or its attached assertion fails, which means that |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1089 |
* the rule is not applicable, then this method returns null. Otherwise, the |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1090 |
* rule type applies and is returned as either TYPE_ALLOW or TYPE_DENY. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1091 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1092 |
* If $resource or $role is null, then this means that the rule must apply to |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1093 |
* all Resources or Roles, respectively. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1094 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1095 |
* If $privilege is null, then the rule must apply to all privileges. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1096 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1097 |
* If all three parameters are null, then the default ACL rule type is returned, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1098 |
* based on whether its assertion method passes. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1099 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1100 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1101 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1102 |
* @param string $privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1103 |
* @return string|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1104 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1105 |
protected function _getRuleType(Zend_Acl_Resource_Interface $resource = null, Zend_Acl_Role_Interface $role = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1106 |
$privilege = null) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1107 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1108 |
// get the rules for the $resource and $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1109 |
if (null === ($rules = $this->_getRules($resource, $role))) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1110 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1111 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1112 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1113 |
// follow $privilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1114 |
if (null === $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1115 |
if (isset($rules['allPrivileges'])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1116 |
$rule = $rules['allPrivileges']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1117 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1118 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1119 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1120 |
} else if (!isset($rules['byPrivilegeId'][$privilege])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1121 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1122 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1123 |
$rule = $rules['byPrivilegeId'][$privilege]; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1124 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1125 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1126 |
// check assertion first |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1127 |
if ($rule['assert']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1128 |
$assertion = $rule['assert']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1129 |
$assertionValue = $assertion->assert( |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1130 |
$this, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1131 |
($this->_isAllowedRole instanceof Zend_Acl_Role_Interface) ? $this->_isAllowedRole : $role, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1132 |
($this->_isAllowedResource instanceof Zend_Acl_Resource_Interface) ? $this->_isAllowedResource : $resource, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1133 |
$this->_isAllowedPrivilege |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1134 |
); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1135 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1136 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1137 |
if (null === $rule['assert'] || $assertionValue) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1138 |
return $rule['type']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1139 |
} else if (null !== $resource || null !== $role || null !== $privilege) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1140 |
return null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1141 |
} else if (self::TYPE_ALLOW === $rule['type']) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1142 |
return self::TYPE_DENY; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1143 |
} else { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1144 |
return self::TYPE_ALLOW; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1145 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1146 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1147 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1148 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1149 |
* Returns the rules associated with a Resource and a Role, or null if no such rules exist |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1150 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1151 |
* If either $resource or $role is null, this means that the rules returned are for all Resources or all Roles, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1152 |
* respectively. Both can be null to return the default rule set for all Resources and all Roles. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1153 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1154 |
* If the $create parameter is true, then a rule set is first created and then returned to the caller. |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1155 |
* |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1156 |
* @param Zend_Acl_Resource_Interface $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1157 |
* @param Zend_Acl_Role_Interface $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1158 |
* @param boolean $create |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1159 |
* @return array|null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1160 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1161 |
protected function &_getRules(Zend_Acl_Resource_Interface $resource = null, Zend_Acl_Role_Interface $role = null, |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1162 |
$create = false) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1163 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1164 |
// create a reference to null |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1165 |
$null = null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1166 |
$nullRef =& $null; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1167 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1168 |
// follow $resource |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1169 |
do { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1170 |
if (null === $resource) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1171 |
$visitor =& $this->_rules['allResources']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1172 |
break; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1173 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1174 |
$resourceId = $resource->getResourceId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1175 |
if (!isset($this->_rules['byResourceId'][$resourceId])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1176 |
if (!$create) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1177 |
return $nullRef; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1178 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1179 |
$this->_rules['byResourceId'][$resourceId] = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1180 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1181 |
$visitor =& $this->_rules['byResourceId'][$resourceId]; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1182 |
} while (false); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1183 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1184 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1185 |
// follow $role |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1186 |
if (null === $role) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1187 |
if (!isset($visitor['allRoles'])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1188 |
if (!$create) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1189 |
return $nullRef; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1190 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1191 |
$visitor['allRoles']['byPrivilegeId'] = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1192 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1193 |
return $visitor['allRoles']; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1194 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1195 |
$roleId = $role->getRoleId(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1196 |
if (!isset($visitor['byRoleId'][$roleId])) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1197 |
if (!$create) { |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1198 |
return $nullRef; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1199 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1200 |
$visitor['byRoleId'][$roleId]['byPrivilegeId'] = array(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1201 |
$visitor['byRoleId'][$roleId]['allPrivileges'] = array('type' => null, 'assert' => null); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1202 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1203 |
return $visitor['byRoleId'][$roleId]; |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1204 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1205 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1206 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1207 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1208 |
* @return array of registered roles (Deprecated) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1209 |
* @deprecated Deprecated since version 1.10 (December 2009) |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1210 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1211 |
public function getRegisteredRoles() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1212 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1213 |
trigger_error('The method getRegisteredRoles() was deprecated as of ' |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1214 |
. 'version 1.0, and may be removed. You\'re encouraged ' |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1215 |
. 'to use getRoles() instead.'); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1216 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1217 |
return $this->_getRoleRegistry()->getRoles(); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1218 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1219 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1220 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1221 |
* @return array of registered roles |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1222 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1223 |
public function getRoles() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1224 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1225 |
return array_keys($this->_getRoleRegistry()->getRoles()); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1226 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1227 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1228 |
/** |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1229 |
* @return array of registered resources |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1230 |
*/ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1231 |
public function getResources() |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1232 |
{ |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1233 |
return array_keys($this->_resources); |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1234 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1235 |
|
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1236 |
} |
|
4eba9c11703f
first import
Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
parents:
diff
changeset
|
1237 |