/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
// Get the organization
$orgService = \Application\Service\OrgService::getInstance();
$org = $orgService->load($role->getOrganizationId());
if ($org->getType() != OrgCustomerModel::ORG_TYPE) {
$org = $orgService->getParentByType($org, OrgCustomerModel::ORG_TYPE);
}
if ($org && !is_null($org->getSupplementaryServicesId())) {
// Check if the customer has supplementary services configured
// with application originated SMS option activated
$supplSrv = \Application\Service\SupplServicesService::getInstance();
$services = $supplSrv->load($org->getSupplementaryServicesId());
if ($services && $services->getApplicationOriginatedSms() == SupplServicesModel::ST_ACTIVATED) {
return true;
}
}
throw new Exception('Role must have applicationOriginatedSms activated');
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
if (!$resource instanceof SimModel) {
throw new Exception('Resource must be an instance of SimModel');
}
// Get the organization
$orgService = \Application\Service\OrgService::getInstance();
if ($orgService->getTypeById($role->getOrganizationId()) == OrgServiceProviderModel::ORG_TYPE) {
$org = $orgService->load($resource->customerId);
} else {
$org = $orgService->load($role->getOrganizationId());
}
if ($org->getType() != OrgCustomerModel::ORG_TYPE) {
$org = $orgService->getParentByType($org, OrgCustomerModel::ORG_TYPE);
}
if ($org && !is_null($org->getSupplementaryServicesId())) {
// Check if the customer has supplementary services configured
// with application originated SMS option activated
$supplSrv = \Application\Service\SupplServicesService::getInstance();
try {
if ($orgService->getTypeById($role->getOrganizationId()) == OrgAggregatorModel::ORG_TYPE) {
$services = $supplSrv->load($org->getSupplementaryServicesId(), $org);
} else {
$services = $supplSrv->load($org->getSupplementaryServicesId());
}
} catch (\Exception $e) {
\App::log()->warn($e);
return False;
}
if ($services && $services->advancedSupervision == SupplServicesModel::ST_ACTIVATED) {
return true;
}
}
return false;
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
if (!$resource instanceof App_ListFilter) {
throw new Exception('Resource must be an instance of App_ListFilter');
}
$filter = $resource->getOneFilterByFieldName(SimFilterFields::SERVICE_PROVIDER_COMM);
if (!$filter) {
return false;
}
return $filter->getValue() == $role->getOrganizationId();
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role || NULL === $resource) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
$orgId = $role->getOrganizationId();
if (!$resource instanceof SimModel) {
throw new Exception('Resource must be an instance of SimModel');
}
return $orgId === $resource->getServiceProviderCommercialId();
}
/**
* Returns true if and only if the assertion conditions are met
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param null $privilege
* @return bool
* @throws Exception
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role || NULL === $resource) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
$orgId = $role->getOrganizationId();
switch (true) {
case $resource instanceof OrgModelAbstract:
return $orgId === $resource->getParentId();
case $resource instanceof Model\PreBillModel:
return true;
//TODO: we need serviceProviderId from ericsson
return $orgId === $resource->getServiceProvider()->getId();
case $resource instanceof UserModel:
try {
$org = $resource->getOrganization();
if (NULL !== $org) {
return $orgId === $org->getParentId();
}
App::log()->err("User (" . $resource->getId() . ") organization (" . $resource->getOrganizationId() . ") doesn't exist");
return false;
} catch (Exception $e) {
return false;
}
case $resource instanceof Model\CommercialGroupModel:
// customerId is one of service provider customers?
// TODO aggregatorId case?
$org = OrgService::getInstance()->load($resource->getCustomerId());
return $org && $orgId === $org->getParentId();
case $resource instanceof Model\ReportModel:
$params = $resource->getParams();
if (isset($params['orgId']) && !empty($params['orgId'])) {
$org = OrgService::getInstance()->load($params['orgId']);
return $org && $orgId === $org->getParentId();
} else {
return true;
}
}
throw new Exception('Resource must be an instance of OrgModelAbstract or UserModel');
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role || NULL === $resource) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof Model\UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
$orgId = $role->getOrganizationId();
switch (true) {
case $resource instanceof OrgModelAbstract:
$parent = OrgService::getInstance()->load($resource->getParentId());
if ($parent) {
return $orgId === $parent->getParentId();
}
return false;
}
throw new Exception('Resource must be an instance of OrgModelAbstract');
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role || NULL === $resource) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
$orgId = $role->getOrganizationId();
$org = Service\OrgService::getInstance()->load($orgId);
if (!$org) {
return false;
}
switch (true) {
case $resource instanceof Model\ServicePackModel:
return $org->getParentId() === $resource->getServiceProvider();
}
throw new Exception('Resource must be an instance of ServicePack');
}
/**
* Returns true if and only if the assertion conditions are met
*
* This method is passed the ACL, Role, Resource, and privilege to which
* the authorization query applies. If the $role, $resource, or $privilege
* parameters are null, it means that the query applies to all Roles,
* Resources, or privileges, respectively.
*
* @param Zend_Acl $acl
* @param Zend_Acl_Role_Interface $role
* @param Zend_Acl_Resource_Interface $resource
* @param string $privilege
* @return boolean
*/
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// We need specific objects to check against each other
if (NULL === $role || NULL === $resource) {
return false;
}
// Ensure we're handled User models
if (!$role instanceof UserModel) {
throw new Exception('Role must be an instance of UserModel');
}
$orgId = $role->getOrganizationId();
switch (true) {
case $resource instanceof OrgModelAbstract:
return $orgId === $resource->getId();
case $resource instanceof UserModel:
case $resource instanceof TemplateModel:
return $orgId === $resource->getOrganizationId();
case $resource instanceof Async\Model\AsyncResponse:
$cOrgId = \Application\Model\Mapper\OrganizationMapper::cleanOrgId($orgId);
return $orgId === $resource->getOrganizationId() || $cOrgId === $resource->getOrganizationId();
case $resource instanceof Model\TariffPlanLifeCycleModel:
case $resource instanceof Model\TariffPlanServicesModel:
case $resource instanceof Model\RestrictionModel:
case $resource instanceof Model\ServicePackModel:
$orgType = Model\Mapper\OrganizationMapper::getTypeByOrgId($orgId);
switch ($orgType) {
case Model\Organization\OrgServiceProviderModel::ORG_TYPE:
return $orgId === $resource->getServiceProviderId();
case Model\Organization\OrgCustomerModel::ORG_TYPE:
// $spList = Service\ServicePackService::getInstance()->listAll();
// foreach ($spList->getItems() as $sp) {
// if ($sp->getId() === $resource->getId()) {
// return true;
// }
// }
/*
* There is no way to know if only one ServicePack is assigned to a customer,
* only retrieving all servicePacks assigned. It is too much slow. In Ericsson we trust.
*/
return true;
default:
return false;
}
case $resource instanceof Model\SupplServicesModel:
return $orgId === $resource->getServiceProviderId() || $orgId === $resource->getCustomerId();
case $resource instanceof Model\CommercialGroupModel:
case $resource instanceof Model\SupervisionGroupModel:
return $orgId === $resource->getCustomerId();
case $resource instanceof SimModel:
/** @var $resource \Application\Model\SimModel */
return $orgId === $resource->getMasterId() || $orgId === $resource->getServiceProviderCommercialId() || $orgId === $resource->getServiceProviderEnablerId() || $orgId === $resource->getAggregatorId() || $orgId === $resource->getCustomerId() || $orgId === $resource->getEndUserId();
case $resource instanceof Model\ReportModel:
$params = $resource->getParams();
if (isset($params['orgId']) && !empty($params['orgId'])) {
return $orgId === $params['orgId'];
} else {
return true;
}
}
throw new Exception('Resource must be an instance of OrgModelAbstract, UserModel or SimModel');
}
