/**
* {@inheritdoc}
*/
public function getAllowedResources(UserIdentifier $userIdentifier)
{
if ($userIdentifier->getUserType() == UserIdentifier::USER_TYPE_GUEST) {
return [self::PERMISSION_ANONYMOUS];
} elseif ($userIdentifier->getUserType() == UserIdentifier::USER_TYPE_CUSTOMER) {
return [self::PERMISSION_SELF];
}
$allowedResources = [];
try {
$role = $this->_getUserRole($userIdentifier);
if (!$role) {
throw new AuthorizationException('The role associated with the specified user cannot be found.');
}
$rulesCollection = $this->_rulesCollectionFactory->create();
$rulesCollection->getByRoles($role->getId())->load();
$acl = $this->_aclBuilder->getAcl();
/** @var \Magento\User\Model\Rules $ruleItem */
foreach ($rulesCollection->getItems() as $ruleItem) {
$resourceId = $ruleItem->getResourceId();
if ($acl->has($resourceId) && $acl->isAllowed($role->getId(), $resourceId)) {
$allowedResources[] = $resourceId;
}
}
} catch (AuthorizationException $e) {
throw $e;
} catch (\Exception $e) {
$this->_logger->logException($e);
throw new LocalizedException('Error happened while getting a list of allowed resources. Check exception log for details.');
}
return $allowedResources;
}
/**
* Class constructor
*
* @return void
*/
protected function _construct()
{
parent::_construct();
$rid = $this->_request->getParam('rid', false);
$acl = $this->_aclBuilder->getAcl();
$rulesSet = $this->_rulesCollectionFactory->create()->getByRoles($rid)->load();
$selectedResourceIds = array();
foreach ($rulesSet->getItems() as $item) {
$itemResourceId = $item->getResource_id();
if ($acl->has($itemResourceId) && $item->getPermission() == 'allow') {
$selectedResourceIds[] = $itemResourceId;
}
}
$this->setSelectedResources($selectedResourceIds);
}