function dropNamespace($ns) { $mapper = Application\Model\Mapper\PermissionMapper::getInstance(); echo "Removing old {$ns} data...\n"; $namespace = $mapper->getNamespace($ns, true); $namespace->dropCollection(); echo "Old data removed!\n"; }
function updateNamespace($ns, $file) { echo "Parsing namespace '{$ns}' ({$file})...\n"; $acl = App_Acl_Factory::createAclFromFile($file, true); echo "Namespace parsed!\n"; $mapper = Application\Model\Mapper\PermissionMapper::getInstance(); $namespace = $mapper->getNamespace($ns, true); echo "Creating new permission map for namespace '{$ns}'...\n"; $roles = $acl->getRoles(); $resPrivs = $acl->getAllPrivileges(); foreach ($roles as $role) { // Divide roles into role-orgType $aRole = explode('-', $role); if (count($aRole) <= 1) { echo "Ignoring role {$role}...\n"; continue; } $thisOrgType = array_pop($aRole); $roleName = implode('-', $aRole); if ($roleName == 'org' || !in_array($thisOrgType, array('super', 'master', 'provider', 'customer', 'aggregator', 'enduser'))) { echo "Ignoring role {$role}...\n"; continue; } echo "Creating permission map for {$role}...\n"; $mapper->addRoleId($role); $allowed = $acl->getAllowedMapForRole($role); foreach ($resPrivs as $resource => $privs) { echo "Creating resource '{$resource}' for {$role}..."; $namespace->namespaceAddResource($resource); echo " Resource created!\n"; foreach ($privs as $priv) { $isAllowed = in_array($priv, isset($allowed[$resource]) ? $allowed[$resource] : array()); if (!$isAllowed) { continue; } $asserts = array(); // Getting an App_Acl_Assert_Combine instance! $as = $acl->getAssert($role, $resource, $priv); $as = $as ? $as->getAsserts() : array(); foreach ($as as $assert) { $asserts[] = $assert; } $namespace->setPermission($role, $resource, $priv, $asserts); } } echo "Permission map for {$role} created!\n"; } echo "Permission map for namespace '{$ns}' created!\n"; }