public function getRoles($orgType)
{
$roles = PermissionService::getInstance()->findAllRoles('portal');
$aRoles = array();
foreach ($roles as &$role) {
// Divide roles into role-orgType
$aRole = explode('-', $role);
if (count($aRole) > 1) {
$thisOrgType = array_pop($aRole);
$roleName = implode('-', $aRole);
// Add to associative array if role name isnt 'org'
if ($roleName != 'org') {
if (!isset($aRoles[$thisOrgType])) {
$aRoles[$thisOrgType] = array();
}
$aRoles[$thisOrgType][] = $roleName;
}
}
}
// Generate output depending on the presence of
// the orgType GET parameter
if (!empty($orgType)) {
$roles = !empty($aRoles[$orgType]) ? $aRoles[$orgType] : array();
$roles = array_unique($roles);
sort($roles);
} else {
$roles = $aRoles;
}
return $roles;
}
/**
* Lists all permissions
*/
public function indexAction()
{
if (($namespace = $this->_getParam('namespace')) || ($namespace = $this->getRequest()->getHeader('Realm'))) {
}
if (!($roleId = $this->_getParam('roleId'))) {
$roleId = \App::getUserLogged()->getRoleId();
}
$this->view->permissions = \Core\Service\PermissionService::getInstance()->load($roleId, $namespace);
}
protected function _loadRole($role)
{
if (($role instanceof Zend_Acl_Role_Interface || is_string($role)) && !$this->hasRole($role)) {
if ($role instanceof Zend_Acl_Role_Interface) {
$roleId = $role->getRoleId();
} else {
$roleId = $role;
}
$this->addRole($roleId);
$this->deny($roleId);
$service = \Core\Service\PermissionService::getInstance();
//Load all resources
$resources = $service->findAllResources('portal');
$alreadySetupRes = $this->getResources();
foreach ($resources as $res) {
if (!in_array($res, $alreadySetupRes)) {
$this->addResource($res);
}
}
$permissions = $service->load($roleId, 'portal');
if (is_array($permissions)) {
foreach ($permissions as $resource => $perms) {
$this->deny($roleId, $resource);
foreach ($perms as $perm => $asserts) {
if (!empty($asserts)) {
if (!in_array('NotAllowed', $asserts)) {
$combi = new App_Acl_Assert_Combine($asserts);
$this->allow($roleId, $resource, $perm, $combi);
} else {
$this->deny($roleId, $resource, $perm);
}
} else {
$this->allow($roleId, $resource, $perm);
}
}
}
}
}
}
/**
* Closed at production environment, available at development
*/
public function permsAction()
{
$this->_develOnly();
// Render permissions as HTML
$this->_helper->output()->disable();
// Required params
if (($namespace = $this->_getParam('permissions')) || ($namespace = $this->getRequest()->getHeader('Realm'))) {
}
$roles = \Core\Service\PermissionService::getInstance()->findAllRoles($namespace);
$this->view->namespaces = array();
if (!$namespace) {
$uniqRoles = array();
foreach ($roles as $ns => $nsRoles) {
$uniqRoles = array_merge($uniqRoles, $nsRoles);
$this->view->namespaces[] = $ns;
}
$roles = array_unique($uniqRoles);
} else {
$this->view->namespaces[] = $namespace;
}
$this->view->roles = $roles;
$this->view->service = \Core\Service\PermissionService::getInstance();
}
public function meAction()
{
$this->view->user = \App::getUserLogged();
$this->_helper->filterNotAllowedFields('read_field', $this->view->user);
if ($this->getRequest()->getParam('organization', false)) {
$this->view->organization = $this->view->user->getOrganization();
$this->_helper->filterNotAllowedFields('read_field', $this->view->organization);
$orgService = OrgService::getInstance();
$orgService->getOrgConfig($this->view->organization);
$sp = $orgService->getParentByType($this->view->organization, OrgServiceProviderModel::ORG_TYPE);
if ($sp && isset($sp->isEnabler)) {
$this->view->organization->alwaysOnRoaming = !$sp->isEnabler;
}
if ($this->view->organization instanceof OrgCustomerModel && isset($this->view->organization->supplementaryServicesId)) {
try {
$supplService = SupplServicesService::getInstance()->load($this->view->organization->supplementaryServicesId);
if ($supplService) {
try {
$this->_helper->allowed('read', $supplService);
$this->_helper->filterNotAllowedFields('read_field', $supplService);
$this->view->supplService = $supplService;
} catch (PermissionException $e) {
}
}
} catch (\Exception $e) {
\App::log()->warn($e);
}
}
}
if (($namespace = $this->_getParam('permissions')) || ($namespace = $this->getRequest()->getHeader('Realm'))) {
if ($namespace == 1) {
$namespace = null;
}
$this->view->permissions = \Core\Service\PermissionService::getInstance()->load(\App::getUserLogged()->getRoleId(), $namespace);
}
}
