Adds a Resource having an identifier unique to the list.
| public addResource ( $resource, $parent = NULL ) : self | ||
| return | self | |
public function addResources($resources)
{
if ($resources !== self::ALL) {
$resources = is_array($resources) ? $resources : [$resources];
foreach ($resources as $resource) {
if (!$this->acl->hasResource($resource)) {
$this->acl->addResource($resource);
}
}
}
}
public function __construct()
{
$this->acl = new NS\Permission();
$this->acl->addRole('guest');
$this->acl->addRole('user', 'registered');
$this->acl->addRole('admin', 'user');
$this->acl->addResource('backend');
$this->acl->addResource('users');
$this->acl->allow('user', array('backend'), array('view'));
$this->acl->allow('admin');
}
private function defineResources(Permission $authorizator)
{
$authorizator->addResource('listing');
$authorizator->addResource('message');
// view
$authorizator->addResource('relationships_tables');
// view_identifiers
$authorizator->addResource('users_overview');
// suspend_user
$authorizator->addResource('database_backup');
}
public static function createAuthorizator()
{
$perm = new Permission();
$perm->addRole("guest");
$perm->addRole("user", "guest");
$perm->addRole("admin", "user");
$perm->addResource('clip');
$perm->addResource('comment');
$perm->deny();
$perm->allow("admin");
$perm->allow("user", "comment", "add");
return $perm;
}
public function startup()
{
parent::startup();
if ($this->getName() != 'Admin:Sign' && !$this->user->isLoggedIn()) {
$this->redirect('Sign:default');
}
//nastavim prava
foreach ($this->roles->getAll() as $role) {
$this->acl->addRole($role['system_name']);
}
foreach ($this->resources->getAll() as $resource) {
$this->acl->addResource($resource['system_name']);
}
foreach ($this->permissions->getAll() as $permission) {
$this->acl->allow($permission->role->system_name, $permission->resource->system_name, $permission->privilege->system_name);
}
$this->acl->addRole('super_admin');
$this->acl->allow('super_admin');
//homepage a sign maji pristup vsichni
$this->acl->addResource('homepage');
$this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'homepage');
$this->acl->addResource('sign');
$this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'sign');
//vychozi role
$this->acl->addRole('guest');
//kontrola prav
if ($this->getName() != 'Admin:Image' && $this->getAction() != 'ordering' && $this->getAction() != 'orderingCategory' && $this->getAction() != 'deleteImage' && $this->getAction() != 'changePassword' && $this->getAction() != 'getCity' && $this->getAction() != 'download') {
if (!$this->getUser()->isAllowed($this->getNameSimple(), $this->getAction())) {
$this->flashMessage($this->translator->translate('admin.login.noAccess'), 'error');
$this->redirect('Homepage:default');
}
}
//projedu vsek moduly a pokusim se najit presentery
$presenters = array();
$vsekDir = dirname(__FILE__) . '/../../../';
$ch = opendir($vsekDir);
while (($file = readdir($ch)) !== false) {
if (!in_array($file, array('.', '..'))) {
if (file_exists($vsekDir . $file . '/src/setting.xml')) {
$xml = simplexml_load_file($vsekDir . $file . '/src/setting.xml');
if (isset($xml->presenter)) {
$this->menuModules[] = array('name' => (string) $xml->presenter->name, 'resource' => (string) $xml->presenter->resource);
}
}
}
}
closedir($ch);
}
/** @return Nette\Security\Permission */
public function create()
{
if (!$this->cmsInstalled) {
return new Nette\Security\Permission();
}
$acl = $this->cache->load('acl');
if ($acl === NULL) {
$acl = new Nette\Security\Permission();
try {
foreach ($this->roleService->findAll() as $role) {
$acl->addRole($role->name, $role->parent === NULL ? NULL : $role->parent->name);
}
} catch (Kdyby\Doctrine\DBALException $ex) {
return new Nette\Security\Permission();
}
foreach ($this->resourceService->findAll() as $resource) {
$acl->addResource($resource->name);
}
foreach ($this->aclService->findAll() as $aclEntry) {
if ($aclEntry->allow) {
$acl->allow($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name);
} else {
$acl->deny($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name);
}
}
$this->cache->save('acl', $acl, [Nette\Caching\Cache::TAGS => self::CACHE_TAG]);
}
return $acl;
}
public function __construct()
{
$acl = new Nette\Security\Permission();
// definice rolí
$acl->addRole('guest');
$acl->addRole('demo', 'guest');
// demo dědí od guest
$acl->addRole('admin', 'demo');
// a od něj dědí admin
// seznam zdrojů, ke kterým mohou uživatelé přistupovat
$acl->addResource('Admin:Admin');
$acl->addResource('Front');
// pravidla, určující, kdo co může s čím dělat
$acl->allow('guest', 'Front', self::READ);
$acl->allow('demo', 'Admin:Admin', self::READ);
$acl->allow('admin', Permission::ALL, Permission::ALL);
// Nastaveno!
$this->acl = $acl;
}
private function setResources(Permission $p)
{
try {
$resources = $this->resourcesService->getResources();
} catch (Exceptions\DataErrorException $e) {
$this->logError($e->getMessage());
}
foreach ($resources as $res) {
if ($res->hasParent()) {
$p->addResource($res->getId(), $res->getParent());
} else {
$p->addResource($res->getId());
}
}
}
/**
*
*/
private function InitResource()
{
foreach ($this->resourceRepository->read()->order("aclResourceID ASC") as $resource) {
$this->acl->addResource($resource->name);
}
}
/**
* Nadefinuje jednotlivé resources.
*/
private function defineResources()
{
foreach ($this->permissionRepository->selectAllResources() as $resource) {
$this->acl->addResource($resource->getName());
}
}
/**
* Get raw permissions without privileges.
*
* @return Permission
*/
public function getRawPermissions()
{
$permission = new Permission();
foreach ($this->scanResources() as $resource => $privileges) {
$permission->addResource($resource);
}
foreach ($this->defaultRoles as $role) {
if (!$permission->hasRole($role)) {
$permission->addRole($role);
}
}
return $permission;
}
private function loadResources(Permission $acl)
{
$resources = $this->em->createQuery('SELECT r FROM ' . Resource::class . ' r')->execute();
/** @var Resource $resource */
foreach ($resources as $resource) {
$acl->addResource($resource->getName());
}
}
