/**
* Constructor
*
* @param UserModel $user User model to retrieve Acl, role name and check permission
*/
public function __construct(UserModel $user)
{
$this->acl = $user->getAcl(true);
$this->roleName = $user->getRole()->getName();
}
/**
* Check user acl
*
* @param UserModel $userModel User model
*
* @return \Zend\Http\Response|null
*/
protected function checkAcl(UserModel $userModel)
{
if (!empty($this->aclPage) and $userModel->getRole()->getName() !== RoleModel::PROTECTED_NAME) {
$permission = null;
$acl = $userModel->getAcl(true);
if ($this->aclPage['resource'] == 'modules') {
$moduleId = $this->getRouteMatch()->getParam('m');
if (empty($moduleId)) {
$action = $this->getRouteMatch()->getParam('action');
$permission = $action === 'index' ? 'list' : $action;
} else {
$moduleModel = ModuleModel::fromId($moduleId);
if (!empty($moduleModel)) {
$permission = $moduleModel->getName();
}
}
} else {
$permission = empty($this->aclPage['permission']) ? null : $this->aclPage['permission'];
if ($this->aclPage['permission'] != 'index' and !in_array($this->aclPage['resource'], array('content', 'stats'))) {
$action = $this->getRouteMatch()->getParam('action');
$permission .= (!empty($permission) ? '/' : '') . ($action === 'index' ? 'list' : $action);
}
}
if (!$acl->isAllowed($userModel->getRole()->getName(), $this->aclPage['resource'], $permission)) {
return $this->redirect()->toRoute('config/user/forbidden');
}
}
}
