Ejemplo n.º 1
 /**
  * Front-controller hook: stamps the identity's last_login, then gates admin requests.
  *
  * Requests where neither the controller nor the module is "admin" are not
  * access-checked here. For the rest, anonymous visitors are redirected to
  * admin/auth/login, the user/admin/profile action is exempt, and every other
  * action is checked against the ACL resource "<module>_<controller>".
  *
  * NOTE(review): a resource that is not registered in the ACL gets no ACL
  * decision at all, so a new admin controller is reachable until a resource
  * is defined for it - confirm this allow-by-default is intended.
  *
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @return void
  * @throws FansubCMS_Exception_Denied when the ACL denies the requested action
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $this->_initAcl();

     // Runs on every request that carries an identity, not only right after login.
     if ($this->_auth->hasIdentity()) {
         $account = $this->_auth->getIdentity();
         $now = new Zend_Date();
         $account->last_login = $now->get(DATABASE_DATE_FORMAT);
         $account->save();
     }

     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();

     // Nothing below applies unless the controller or the module is "admin".
     if ($controller != 'admin' && $module != 'admin') {
         return;
     }

     $onLoginPage = $controller == 'auth' && $action == 'login' && $module == 'admin';
     if (!$this->_auth->hasIdentity() && !$onLoginPage) {
         // NOTE(review): no return follows; this relies on the redirector
         // ending the request, otherwise the ACL check below still runs.
         $redirector = new Zend_Controller_Action_Helper_Redirector();
         $redirector->gotoSimple('login', 'auth', 'admin');
     }

     // The profile page is a free resource.
     if ($module == 'user' && $controller == 'admin' && $action == 'profile') {
         return;
     }

     $resource = $module . '_' . $controller;
     if (!$this->_acl->has($resource)) {
         return;
     }
     // The role is a fixed name; presumably _initAcl() loads the current
     // user's rules under it - verify against _initAcl().
     if (!$this->_acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $action)) {
         throw new FansubCMS_Exception_Denied('The user is not allowd to do this');
     }
 }
Ejemplo n.º 2
 /**
  * Hook into action controller preDispatch() workflow.
  *
  * Resolves the caller's role (the configured default role unless the
  * identity is an object with a non-empty role) and asks the ACL whether that
  * role may run the requested action on the requested controller. On denial
  * the request is re-pointed at default/auth/noaccess and marked undispatched.
  *
  * A controller that is not a registered resource is checked with a null
  * resource, so the answer comes from rules that are not tied to a resource.
  *
  * @return void
  */
 public function preDispatch()
 {
     $role = Zend_Registry::get('config')->acl->defaultRole;
     if ($this->_auth->hasIdentity()) {
         $identity = $this->_auth->getIdentity();
         if (is_object($identity) && !empty($identity->role)) {
             $role = $identity->role;
         }
     }

     $request = $this->_action->getRequest();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // Read but not used in the decision: the ACL is keyed by controller name
     // only, so same-named controllers in different modules share one resource.
     $module = $request->getModuleName();
     $this->_controllerName = $controller;

     $resource = $this->_acl->has($controller) ? $controller : null;

     // The error page is exempt - but only while 'error' is a registered
     // resource, because an unknown controller was mapped to null above.
     if ($resource == 'error' && $action == 'error') {
         return;
     }

     if ($this->_acl->isAllowed($role, $resource, $action)) {
         return;
     }

     $request->setModuleName('default')->setControllerName('auth')->setActionName('noaccess');
     $request->setDispatched(false);
 }
Ejemplo n.º 3
 /**
  * Tells whether the current visitor may perform $action on $resource.
  *
  * Visitors without an identity are checked as 'guest'. A resource that is
  * not registered in the ACL is denied (fail closed).
  *
  * @param mixed $resource resource identifier handed to the ACL
  * @param mixed $action   privilege to check
  * @return bool
  */
 protected function _isAuthorized($resource, $action)
 {
     if ($this->_auth->hasIdentity()) {
         $who = $this->_auth->getIdentity();
     } else {
         $who = 'guest';
     }

     return $this->_acl->has($resource) && $this->_acl->isAllowed($who, $resource, $action);
 }
Ejemplo n.º 4
 /**
  * getResource() must return the dotted resource name for the request
  * (presumably module.controller.action) and leave that name and both of its
  * dotted prefixes registered in the ACL.
  */
 public function testGetResource()
 {
     $request = new Zend_Controller_Request_Simple(1, 2, 3);
     $resourceId = $this->object->getResource($request);

     self::assertEquals('3.2.1', $resourceId);
     foreach (array('3.2.1', '3.2', '3') as $expectedResource) {
         self::assertTrue($this->acl->has($expectedResource));
     }
 }
Ejemplo n.º 5
 /**
  * Asks the wrapped ACL for a decision, mapping unknown resources to null.
  *
  * A resource the ACL does not know is replaced by null instead of letting
  * the ACL throw, so the answer then comes from rules that are not tied to a
  * specific resource.
  *
  * NOTE(review): arguments are forwarded as (resource, privilege, role),
  * while Zend_Acl::isAllowed() takes (role, resource, privilege). Confirm
  * that $_acl is a wrapper using this order; on a plain Zend_Acl the check
  * would compare the wrong values.
  *
  * @param mixed $resource  resource to check, null for "any resource"
  * @param mixed $privilege privilege to check, null for "any privilege"
  * @param mixed $role      role to check
  * @return mixed whatever the wrapped ACL returns
  */
 public function isAllowed($resource = null, $privilege = null, $role = null)
 {
     // Default business rule: fall back to null rather than throwing for
     // resources the ACL has never heard of.
     $known = $this->_acl->has($resource);

     return $this->_acl->isAllowed($known ? $resource : null, $privilege, $role);
 }
Ejemplo n.º 6
 /**
  * Tells whether the current identity may run $action on $controller.
  *
  * The ACL is re-read from the registry on every call. A controller that is
  * not a registered resource is denied (fail closed).
  *
  * NOTE(review): the identity is fetched without a hasIdentity() check, so
  * for an anonymous visitor whatever getIdentity() returns (presumably null)
  * is handed to the ACL as the role - confirm the ACL treats that as the
  * least-privileged role.
  *
  * @param mixed $controller controller name used as the ACL resource
  * @param mixed $action     action name used as the privilege
  * @return bool
  */
 protected function _isAuthorized($controller, $action)
 {
     $this->_acl = Zend_Registry::get('acl');
     $identity = $this->_auth->getIdentity();

     if ($this->_acl->has($controller) && $this->_acl->isAllowed($identity, $controller, $action)) {
         return true;
     }

     return false;
 }
Ejemplo n.º 7
 /**
  * Whether the current role is permitted to access the given MVC page.
  *
  * NOTE(review): a page whose resource is not registered in the ACL is
  * allowed (fail open). Any page that must be protected therefore needs an
  * explicit resource entry.
  *
  * @param string $action
  * @param string $controller
  * @param string $module
  * @param array $params not used by this method
  * @return boolean
  */
 public function isAllowed($action, $controller, $module, $params = array())
 {
     $resource = ZtChart_Model_Acl_Resource::parsePageMvc($action, $controller, $module);

     if ($this->_acl->has($resource)) {
         return $this->_acl->isAllowed($this->_role(), $resource, $this->_privileges());
     }

     // Unknown resource: not access-controlled.
     return true;
 }
Ejemplo n.º 8
 /**
  * Checks if user has the right to do privilege on resource.
  *
  * The ACL is taken from the registry key 'Zend_Acl' on first use and cached
  * in a static property. The check always runs under the fixed role name
  * 'fansubcms_user_custom_role_logged_in_user'.
  *
  * NOTE(review): a resource that is not registered in the ACL is allowed
  * (fail open); protected resources must be registered explicitly.
  *
  * @param Zend_Acl_Resource $resource
  * @param string $privilege
  * @return boolean
  */
 public function isAllowed($resource, $privilege)
 {
     if (empty(self::$_acl)) {
         self::$_acl = Zend_Registry::get('Zend_Acl');
     }
     $acl = self::$_acl;

     if ($acl->has($resource)) {
         return $acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $privilege);
     }

     return true;
 }
Ejemplo n.º 9
 /**
  * Front-controller hook that authorizes the request against the ACL.
  *
  * The identity is expected to be an array whose 'usuario' entry names the
  * ACL role. The requested module is the resource; for the 'admin' and 'sac'
  * modules the controller name is used as the privilege, for any other
  * module the privilege is null. A module that is not a registered resource
  * is treated as denied.
  *
  * NOTE(review): requests whose action or controller is named 'upload' skip
  * both the identity check and the ACL check below - confirm those endpoints
  * authenticate the caller some other way.
  *
  * @see Zend_Controller_Plugin_Abstract::preDispatch()
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     /**
      * Identity of the logged-in user
      *
      * @var Array
      */
     $role = $this->auth->getIdentity();
     /**
      * Resource being accessed
      *
      * @var String
      */
     $resource = $this->getRequest()->getModuleName();
     /**
      * Action permitted within a resource
      *
      * @var String
      */
     $action = $this->getRequest()->getModuleName() != 'admin' && $this->getRequest()->getModuleName() != 'sac' ? null : $this->getRequest()->getControllerName();
     // Conditional check for the upload controllers and actions
     if (!($request->getActionName() == 'upload' || $request->getControllerName() == 'upload')) {
         // Check for garbage in the authentication data: anything that is
         // not an array is discarded and the visitor is sent to the login page
         if (!is_array($role)) {
             // Parameters (assigned but not used in this branch)
             $params = array();
             // Destroy any authentication instance
             $this->auth->clearIdentity();
             // Change the destination route
             $request->setModuleName('admin')->setControllerName('login')->setActionName('index');
             return;
         }
         // Check that the resource exists and that the logged-in user has access
         if (!$this->acl->has($resource) || !$this->acl->isAllowed($role['usuario'], $resource, $action)) {
             // Parameters
             $params = array();
             // A denied non-visitor goes to the admin index with an error
             // message; a visitor goes to the login page of the module
             if ($role['usuario'] != 'visitante') {
                 $params['erro'] = 'Você não possui permissão de acesso a este recurso.';
                 $request->setModuleName('admin')->setControllerName('index')->setActionName('index')->setParams($params);
             } else {
                 if ($this->getRequest()->getModuleName() == "sac") {
                     $request->setModuleName('sac')->setControllerName('login')->setActionName('index')->setParams($params);
                 } else {
                     $request->setModuleName('admin')->setControllerName('login')->setActionName('index')->setParams($params);
                 }
             }
             return;
         }
     }
 }
Ejemplo n.º 10
 /**
  * Called before an action is dispatched by Zend_Controller_Dispatcher.
  *
  * This callback allows for proxy or filter behavior.  By altering the
  * request and resetting its dispatched flag (via
  * {@link Zend_Controller_Request_Abstract::setDispatched() setDispatched(false)}),
  * the current action may be skipped.
  *
  * Here it resolves the caller's role, derives the ACL resource from the
  * request, re-routes an authenticated but denied user to
  * default/error/forbidden, and publishes the role and resource in the
  * registry under 'Role' and 'Resource'.
  *
  * NOTE(review): when the ACL denies a visitor without an identity, this
  * method leaves the request unchanged. Confirm that another component
  * enforces the denial for guests, otherwise the action is still dispatched.
  *
  * @param  Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // reset role & resource
     Zend_Registry::set('Role', 'guest');
     Zend_Registry::set('Resource', '');
     // check if ErrorHandler wasn't fired
     // NOTE(review): on a Zend_Controller_Request_Http, getParam() also falls
     // back to client-supplied request parameters, so this early return skips
     // the whole ACL check on a value the client may be able to set. Confirm
     // the parameter can only originate from the ErrorHandler plugin.
     if ($request->getParam('error_handler')) {
         return;
     }
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // $pathInfo is assigned but not used in this method
     $pathInfo = $request->getPathInfo();
     $allow = false;
     if ($this->_auth->hasIdentity()) {
         // $userId is assigned but not used in this method
         $userId = $this->_auth->getIdentity();
         $roleId = $this->_auth->getRoleId();
         // NOTE(review): the lookup result is dereferenced without a null
         // check; presumably find() returns null for a role id that no longer
         // exists, which would end the request with a fatal error - confirm.
         $rolesList = $this->_em->find('Roles', $roleId);
         $roleName = $rolesList->getRoleName();
         $role = new Zend_Acl_Role($roleName);
     } else {
         $roleName = 'guest';
         $role = new Zend_Acl_Role($roleName);
     }
     // resource is "<controller>/<action>" (action defaults to index),
     // prefixed with "<module>/" for every module other than 'default'
     $resource = $action == '' ? trim($controller) . '/index' : trim($controller) . '/' . trim($action);
     $resource = $module == 'default' ? $resource : $module . "/" . $resource;
     // on main page resource might be empty
     if ($resource == '') {
         $resource = 'index/index';
     }
     // if resource not exist in db then check permission for controller
     // (the fallback is the bare controller name, without the module prefix)
     if (!$this->_acl->has($resource) && $action != '') {
         $resource = trim($controller);
     }
     // check if user is allowed to see the page
     $allow = $this->_acl->isAllowed($role, $resource);
     if ($allow == false && $this->_auth->hasIdentity()) {
         // user logged in but denied permission
         $request->setModuleName('default');
         $request->setControllerName('error');
         $request->setActionName('forbidden');
         /* $this->_response->setHeader('Content-type', 'text/html');
                       $this->_response->setHttpResponseCode(403);
                       $this->_response->setBody('<h1>403 - Forbidden</h1>');
         
                       $this->_response->sendResponse(); */
     }
     // published for later consumers; set even when access was denied
     Zend_Registry::set('Role', $role);
     Zend_Registry::set('Resource', $resource);
 }
Ejemplo n.º 11
 /**
  * Re-routes the request when $role may not reach the current resource.
  *
  * An unknown resource is sent to gallery/error/error404; a known resource
  * the role is not allowed on is sent to admin/auth/login. When access is
  * allowed the request is left untouched.
  *
  * @param \Zend_Acl_Role $role
  */
 private function checkRole(\Zend_Acl_Role $role)
 {
     $resource = $this->getResource();

     // Unregistered resources are never dispatched (fail closed).
     if (!$this->acl->has($resource)) {
         $this->_request
             ->setModuleName('gallery')
             ->setControllerName('error')
             ->setActionName('error404');
         return;
     }

     if ($this->acl->isAllowed($role, $resource)) {
         return;
     }

     $this->_request
         ->setModuleName('admin')
         ->setControllerName('auth')
         ->setActionName('login');
 }
Ejemplo n.º 12
 /**
  * Checks if user has the right to do privilege on resource.
  *
  * The check always runs under the fixed role name
  * 'fansubcms_user_custom_role_logged_in_user'.
  *
  * NOTE(review): a resource that is not registered in the ACL is allowed
  * (fail open); protected resources must be registered explicitly.
  *
  * @param Zend_Acl_Resource $resource
  * @param string $privilege
  * @return boolean
  */
 public function isAllowed($resource, $privilege)
 {
     $acl = $this->acl;

     if ($acl->has($resource)) {
         return $acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $privilege);
     }

     return true;
 }
Ejemplo n.º 13
 /**
  * Notifies whether the logged-in user has permission for a given resource/
  * privilege combination.
  *
  * If an ACL resource being checked has not been defined, access to that
  * resource should not be controlled.  This allows plugin writers to
  * implement controllers without also requiring them to be aware of the ACL.
  *
  * Conversely, in the event that an ACL resource has been defined, all access
  * permissions for that controller must be properly defined.
  *
  * The names of resources should correspond to the name of the controller
  * class minus 'Controller', e.g.
  * Geolocation_IndexController -> 'Geolocation_Index'
  * CollectionsController -> 'Collections'
  *
  * Security note: the rule above is allow-by-default. A misspelled or
  * forgotten resource name silently grants access, so controllers that must
  * be protected need their resource registered before this check runs.
  *
  * @param string $privilege
  * @param Zend_Acl_Resource|string|null $resource (Optional) Resource to check.
  * @see getResourceName()
  * @return boolean
  */
 public function isAllowed($privilege, $resource = null)
 {
     // A per-privilege override in $this->_allowed wins over the ACL and is
     // applied whatever $resource was passed.
     $allowed = $this->_allowed;
     if (isset($allowed[$privilege])) {
         return $allowed[$privilege];
     }
     // Resolve the resource name from an object, a string, or - for a falsy
     // argument - this controller's own resource name.
     // NOTE(review): a truthy value that is neither a string nor a resource
     // object leaves $resourceName unassigned; the has() call below then runs
     // on an undefined variable and presumably ends in the allow-by-default
     // return. Consider rejecting such input explicitly.
     if ($resource instanceof Zend_Acl_Resource_Interface) {
         $resourceObj = $resource;
         $resourceName = $resourceObj->getResourceId();
     } else {
         if (is_string($resource)) {
             $resourceName = $resource;
         } else {
             if (!$resource) {
                 $resourceName = $this->getResourceName();
             }
         }
     }
     // Plugin writers do not need to define an ACL in order for their
     // controllers to work.
     if (!$this->_acl->has($resourceName)) {
         return true;
     }
     // Only look the object up when the caller passed a name.
     if (!isset($resourceObj)) {
         $resourceObj = $this->_acl->get($resourceName);
     }
     return $this->_acl->isAllowed($this->_currentUser, $resourceObj, $privilege);
 }
Ejemplo n.º 14
 /**
  * Setup the ACL.
  *
  * Registers this object as an ACL resource and installs its privileges, but
  * only the first time: when the ACL already has the resource nothing is
  * touched, so existing rules are not reset.
  *
  * @return void
  */
 protected function _setupAcl()
 {
     if ($this->_acl->has($this)) {
         return;
     }

     $this->_acl->add($this);
     $this->_setupPrivileges();
 }
Ejemplo n.º 15
Archivo: Log.php Proyecto: kminkov/Blog
 /**
  * Attaches the ACL to this object.
  *
  * If the ACL does not yet know this object's resource id, the object is
  * registered as a resource and the guest role is denied 'view' and 'delete'
  * on it. An ACL that already has the resource is stored unchanged.
  *
  * @param Zend_Acl $acl
  * @return void
  */
 public function setAcl(Zend_Acl $acl)
 {
     $alreadyRegistered = $acl->has($this->getResourceId());

     if (!$alreadyRegistered) {
         $acl->add($this);
         $acl->deny(Model_Role::GUEST, $this, array('view', 'delete'));
     }

     $this->_acl = $acl;
 }
Ejemplo n.º 16
Archivo: Acl.php Proyecto: Roave/issues
 /**
  * Registers $obj as an ACL resource underneath a resource named after the
  * last segment of its lower-cased class name.
  *
  * The parent resource is created on demand. A private object additionally
  * gets a deny rule for every role and privilege, guarded by
  * Default_Model_Acl_HasPermissionAssertion. Non-private objects get no rule
  * of their own here.
  *
  * @param mixed $obj object exposing getResourceId() and isPrivate()
  * @return bool false when $obj is not an object or is already registered,
  *              true once it has been added
  */
 public function addResource($obj)
 {
     if (!is_object($obj)) {
         return false;
     }
     if ($this->_acl->has($obj)) {
         return false;
     }

     $segments = explode('_', strtolower(get_class($obj)));
     $parentId = end($segments);
     if (!$this->_acl->has($parentId)) {
         $this->_acl->addResource(new Zend_Acl_Resource($parentId));
     }

     $this->_acl->addResource($obj->getResourceId(), $parentId);

     if ($obj->isPrivate()) {
         $guard = new Default_Model_Acl_HasPermissionAssertion();
         $this->_acl->deny(null, $obj->getResourceId(), null, $guard);
     }

     return true;
 }
Ejemplo n.º 17
 /**
  * Hook into action controller preDispatch() workflow.
  *
  * The role is 'public' unless the identity is an object, in which case its
  * role property is used. The controller name is the resource and the action
  * name the privilege; a denied request is re-pointed at
  * default/error/notauthorised and marked undispatched.
  *
  * A controller that is not a registered resource is checked with a null
  * resource, so the answer comes from rules that are not tied to a resource.
  *
  * NOTE(review): the identity's role is used without checking that it is
  * set; confirm how the ACL reacts to an empty role.
  *
  * @return void
  */
 public function preDispatch()
 {
     $role = 'public';
     if ($this->getAuth()->hasIdentity()) {
         $identity = $this->getAuth()->getIdentity();
         if (is_object($identity)) {
             $role = $identity->role;
         }
     }

     $request = $this->getAction()->getRequest();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // Read but not used in the decision: the ACL is keyed by controller only.
     $module = $request->getModuleName();
     $this->_controllerName = $controller;

     $resource = $this->_acl->has($controller) ? $controller : null;

     if ($this->_acl->isAllowed($role, $resource, $action)) {
         return;
     }

     $request->setModuleName('default');
     $request->setControllerName('error');
     $request->setActionName('notauthorised');
     $request->setDispatched(false);
 }
Ejemplo n.º 18
 /**
  * Hook into action controller preDispatch() workflow.
  *
  * The role is 'guest' unless the identity is an object, in which case its
  * role property is used. The controller name is the resource and the action
  * name the privilege. A denied request is re-pointed at the ACL's "no auth"
  * target for anonymous visitors and at its "no ACL" target for logged-in
  * ones, then marked undispatched.
  *
  * A controller that is not a registered resource is checked with a null
  * resource, so the answer comes from rules that are not tied to a resource.
  *
  * @return void
  */
 public function preDispatch()
 {
     $role = 'guest';
     if ($this->_auth->hasIdentity()) {
         $identity = $this->_auth->getIdentity();
         if (is_object($identity)) {
             $role = $identity->role;
         }
     }

     $request = $this->_action->getRequest();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // Read but not used in the decision: the ACL is keyed by controller only.
     $module = $request->getModuleName();
     $this->_controllerName = $controller;

     $resource = $this->_acl->has($controller) ? $controller : null;

     if ($this->_acl->isAllowed($role, $resource, $action)) {
         return;
     }

     // Anonymous visitors and authenticated-but-denied users land on
     // different pages.
     $target = $this->_auth->hasIdentity()
         ? $this->_acl->getNoAclAction()
         : $this->_acl->getNoAuthAction();

     $request->setModuleName($target['module']);
     $request->setControllerName($target['controller']);
     $request->setActionName($target['action']);
     $request->setDispatched(false);
 }
Ejemplo n.º 19
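 /**
  * Verifies the backend identity and its permission for the current action.
  *
  * The identity is refreshed first and checked again afterwards. For a
  * logged-in user the privilege to test comes from the controller's ACL
  * rules for the current action (ExtJs controllers only) and defaults to
  * 'read'.
  *
  * NOTE(review): when the ACL has no entry for $this->aclResource the
  * identity is returned without any privilege check (fail open); resources
  * that must be protected need to be registered in the ACL.
  *
  * @return null|Shopware_Components_Auth the auth component when the user is
  *         logged in and allowed, null when nobody is logged in
  * @throws Enlight_Controller_Exception with code 401 when the check fails
  */
 public function checkAuth()
 {
     /** @var $auth Shopware_Components_Auth */
     $auth = Shopware()->Auth();
     if ($auth->hasIdentity()) {
         $auth->refresh();
     }
     $this->initLocale();

     // Checked a second time on purpose: the identity is re-read after
     // refresh() and initLocale() have run.
     if (!$auth->hasIdentity()) {
         return null;
     }

     $identity = $auth->getIdentity();
     $this->acl = Shopware()->Acl();
     $this->aclRole = $identity->role;
     if (!$this->acl->has($this->aclResource)) {
         return $auth;
     }

     $actionName = $this->request->getActionName();
     // Initialised up front so the lookup below never reads an unset variable.
     $rules = array();
     if ($this->action instanceof Shopware_Controllers_Backend_ExtJs) {
         $rules = $this->action->getAclRules();
     }
     $test = isset($rules[$actionName]) ? $rules[$actionName] : array('privilege' => 'read');

     if (!$this->isAllowed($test)) {
         // The default rule carries no 'errorMessage' key; test for it
         // instead of reading an undefined index.
         $message = !empty($test['errorMessage']) ? $test['errorMessage'] : 'Permission denied';
         throw new Enlight_Controller_Exception($message, 401);
     }

     return $auth;
 }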
Ejemplo n.º 20
 /**
  * Checks the Acl to see if this $user (role) can perform this $action on
  * this $resource. A resource that does not exist in the Acl is denied, so
  * this check fails closed.
  *
  * @param string|Zend_Acl_Role_Interface $user The user to check
  * @param string|Zend_Acl_Resource_Interface $resource The resource to check
  * @param string $action The privilege to check
  * @return boolean
  */
 function isSpecificallyAllowed($user, $resource, $action)
 {
     if (!$this->acl->has($resource)) {
         return false;
     }

     return $this->acl->isAllowed($user, $resource, $action);
 }
Ejemplo n.º 21
 /**
  * Loads the ACL rules from the rules storage into the Zend_Acl object.
  *
  * Every rule is validated first: its type must be one of the configured
  * rule types and its role and resource must already exist in the ACL.
  *
  * NOTE(review): a non-null 'assert' value is used as a class name and
  * instantiated as-is. Confirm the rules storage can only be written by
  * trusted administrators, or check that the class implements
  * Zend_Acl_Assert_Interface before constructing it.
  *
  * @throws Excore_Acl_Rules_Exception
  * @return void
  */
 protected function _loadRules()
 {
     foreach ($this->_rules->getAll() as $rule) {
         if (!in_array($rule['type'], $this->_ruleTypes)) {
             throw new Excore_Acl_Rules_Exception("Rule type `{$rule['type']}` is invalid rule type for current settings");
         }

         $role = new Zend_Acl_Role($rule['roleId']);
         if (!$this->_acl->hasRole($role)) {
             throw new Excore_Acl_Rules_Exception("Role `{$rule['roleId']}` found in rules storage, but was not in roles storage");
         }

         $resource = new Zend_Acl_Resource($rule['resourceId']);
         if (!$this->_acl->has($resource)) {
             throw new Excore_Acl_Rules_Exception("Resource `{$rule['resourceId']}` found in rules storage, but was not in resources storage");
         }

         $assertion = $rule['assert'];
         if ($assertion !== null) {
             $assertion = new $assertion();
         }

         // A type that matches neither constant adds no rule.
         if ($rule['type'] == $this->_ruleTypes['TYPE_ALLOW']) {
             $this->_acl->allow($role, $resource, $rule['privileges'], $assertion);
         } elseif ($rule['type'] == $this->_ruleTypes['TYPE_DENY']) {
             $this->_acl->deny($role, $resource, $rule['privileges'], $assertion);
         }
     }
 }
Ejemplo n.º 22
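 /**
  * Return true if current user is allowed to access the given MVC request.
  *
  * Resources are tried from most to least specific:
  * "mvc:<module>:<controller>:<action>", then "mvc:<module>:<controller>",
  * then the module-wide "mvc:<module>:all". The 'view' privilege is tested
  * at every level. Any controller named 'error' is always allowed.
  *
  * NOTE(review): a user who is not allowed on the action-level resource
  * still falls through to the controller-level check, so an action-level
  * rule cannot restrict what the controller-level rule allows. Confirm this
  * precedence is intended.
  *
  * @param AbstractRequest $request
  * @return bool
  */
 private function _isUserAllowed(AbstractRequest $request)
 {
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();

     if ('error' === $controller) {
         return true;
     }

     $actionResource = 'mvc:' . $module . ':' . $controller . ':' . $action;
     if ($this->_acl->has($actionResource) && $this->_acl->isUserAllowed($actionResource, 'view')) {
         return true;
     }

     $controllerResource = 'mvc:' . $module . ':' . $controller;
     if ($this->_acl->has($controllerResource)) {
         return $this->_acl->isUserAllowed($controllerResource, 'view');
     }

     // Does user have global access? (queried without a has() check)
     return $this->_acl->isUserAllowed('mvc:' . $module . ':all', 'view');
 }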
Ejemplo n.º 23
 /**
  * Check that the user has an identity (is logged in) and that they have
  * sufficient access to the resource (page) requested.
  *
  * The role is 'admin' or 'member' for a logged-in user and 'guest'
  * otherwise. The controller is the resource and the action the privilege.
  * On denial the request is re-pointed at the configured "no auth" target
  * (anonymous) or "no ACL" target (logged in).
  *
  * NOTE(review): module, controller and action are read through the
  * request's magic properties ($request->controller, ...) rather than
  * getControllerName() and friends. Confirm both always return the same
  * values, because the ACL decision is taken on the former.
  *
  * (non-PHPdoc)
  * @see Zend_Controller_Plugin_Abstract::preDispatch()
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // If we are on the error controller, return immediately to prevent
     // any database errors happening on error page
     if ($request->controller == "error") {
         return;
     }
     // First determine what role we have (admin, member or guest)
     if ($this->_auth->hasIdentity()) {
         $username = Zend_Auth::getInstance()->getIdentity();
         $userMapper = new GD_Model_UsersMapper();
         // NOTE(review): the lookup result is used without a null check;
         // presumably a user deleted while still logged in would make
         // isAdmin() fail here - confirm what getUserByName() returns then.
         $user = $userMapper->getUserByName($username);
         if ($user->isAdmin()) {
             $role = 'admin';
         } else {
             $role = 'member';
         }
     } else {
         $role = 'guest';
     }
     // Set the initial request - these will be unmodified if access allowed
     $controller = $request->controller;
     $action = $request->action;
     $module = $request->module;
     // A controller that is not a registered resource is checked with a null
     // resource, i.e. against rules that are not tied to a resource.
     $resource = $controller;
     if (!$this->_acl->has($resource)) {
         $resource = null;
     }
     // Use Zend_Acl to check access permissions
     if (!$this->_acl->isAllowed($role, $resource, $action)) {
         if (!$this->_auth->hasIdentity()) {
             // anonymous visitor: configured "not authenticated" target
             $module = $this->_noauth['module'];
             $controller = $this->_noauth['controller'];
             $action = $this->_noauth['action'];
         } else {
             // logged in but not permitted: configured "not allowed" target
             $module = $this->_noacl['module'];
             $controller = $this->_noacl['controller'];
             $action = $this->_noacl['action'];
         }
     }
     // If the module/controller/action has changed, change the request
     if ($request->controller != $controller || $request->action != $action || $request->module != $module) {
         $request->setModuleName($module);
         $request->setControllerName($controller);
         $request->setActionName($action);
     }
 }
Ejemplo n.º 24
Archivo: Acl.php Proyecto: kandy/system
 /**
  * Builds the ACL resource name "<module>.<controller>.<action>" for a request.
  *
  * When auto-registration is switched on, a name the ACL does not know yet
  * is registered on the fly.
  *
  * NOTE(review): the name is derived from the incoming request, so with
  * auto-registration every requested module/controller/action combination
  * becomes a known resource. Which rules such a resource receives depends on
  * _registerResource(); verify it does not grant access by default.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return string the resource name
  */
 public function getResource(Zend_Controller_Request_Abstract $request)
 {
     $resourceName = implode('.', array(
         $request->getModuleName(),
         $request->getControllerName(),
         $request->getActionName(),
     ));

     if (!$this->_acl->has($resourceName)) {
         if ($this->_autoRegisterResources) {
             $this->_registerResource($resourceName);
         }
     }

     return $resourceName;
 }
Ejemplo n.º 25
 /**
  * Reports whether $controller is a resource registered in the ACL.
  *
  * Despite the name, the result is true for a KNOWN controller and false for
  * an unknown one. The ACL is re-read from the registry on every call.
  *
  * @param mixed $controller controller name used as the ACL resource
  * @return bool
  */
 protected function _unknowRoute($controller)
 {
     $this->_acl = Zend_Registry::get('acl');

     return $this->_acl->has($controller) ? true : false;
 }
Ejemplo n.º 26
 /**
  * Front-controller hook guarding the 'admin' module with a per-request ACL.
  *
  * The ACL is rebuilt on every request from two session namespaces:
  * 'moduleList' (all modules with their controller/action) and 'userInfo'
  * (ids of the modules this user may use). Requests to other modules are not
  * checked here. A denied request is re-pointed at admin/error/acl with
  * type=1; a Zend_Acl_Exception (for example a controller that is not a
  * registered resource) ends at the same page with type=2, so unknown
  * controllers fail closed.
  *
  * NOTE(review): every authenticated identity gets the role 'admin'; what
  * that role may do is decided purely by the session's module_list. Confirm
  * the session data is written server-side only.
  *
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     try {
         $module = $request->getModuleName();
         if ($module == 'admin') {
             $moduleList = new Zend_Session_Namespace('moduleList');
             $userInfo = new Zend_Session_Namespace('userInfo');
             // $module is reused: from here on it holds the module list
             $module = $moduleList->module;
             $allowed_module = $userInfo->module_list;
             //generating all resources
             $acl = new Zend_Acl();
             //generating user permission
             $acl->addRole(new Zend_Acl_Role('admin'));
             $acl->addRole(new Zend_Acl_Role('anonymous'));
             $acl->add(new Zend_Acl_Resource('index'));
             $acl->add(new Zend_Acl_Resource('ajax'));
             $acl->allow('admin', 'index');
             $acl->allow('admin', 'ajax');
             if (!empty($module)) {
                 foreach ($module as $value) {
                     // every listed controller becomes a resource, allowed or not
                     if (!$acl->has($value['controller'])) {
                         $acl->add(new Zend_Acl_Resource($value['controller']));
                     }
                     // NOTE(review): in_array() compares loosely here, and
                     // $allowed_module is used without checking that it is an
                     // array; a failure of another type than
                     // Zend_Acl_Exception is not caught below.
                     if (in_array($value['id'], $allowed_module)) {
                         if ($value['action'] != null) {
                             $acl->allow('admin', $value['controller'], $value['action']);
                         } else {
                             // no action given: the whole controller is allowed
                             $acl->allow('admin', $value['controller']);
                         }
                     }
                 }
             }
             //allowing anonymous user to get into the login page
             $acl->allow('anonymous', 'index', 'index');
             $acl->allow('anonymous', 'index', 'login');
             $auth = Zend_Auth::getInstance();
             if ($auth->hasIdentity()) {
                 $role = 'admin';
             } else {
                 $role = 'anonymous';
             }
             // NOTE(review): read through the request's magic properties
             // rather than getControllerName()/getActionName(); confirm both
             // always agree, since the ACL decision is taken on these values.
             $controller = $request->controller;
             $action = $request->action;
             if (!$acl->isAllowed($role, $controller, $action)) {
                 $request->setModuleName('admin');
                 $request->setControllerName('error');
                 $request->setActionName('acl');
                 $request->setParam('type', 1);
             }
         }
     } catch (Zend_Acl_Exception $e) {
         // ACL errors are treated as a denial
         $request->setModuleName('admin');
         $request->setControllerName('error');
         $request->setActionName('acl');
         $request->setParam('type', 2);
     }
 }
Ejemplo n.º 27
 /**
  * Front-controller hook that checks the configured role against the ACL.
  *
  * The resource is the controller name, prefixed with "<module>:" for any
  * non-empty module other than the default one; the action is the privilege.
  * A denied request is re-pointed at the default module's error controller
  * with the configured deny action and the 'error_handler' parameter set.
  *
  * NOTE(review): a resource that is not registered in the ACL is not checked
  * at all (fail open); controllers that must be protected need a resource.
  *
  * @param Zend_Controller_Request_Abstract $request request about to be dispatched
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $front = Zend_Controller_Front::getInstance();
     $defaultModule = $front->getDefaultModule();

     $prefix = ($module != '' && $module != $defaultModule) ? $module . ':' : '';
     $resource = new Zend_Acl_Resource($prefix . $controller);

     if (!$this->_acl->has($resource)) {
         return;
     }
     if ($this->_acl->isAllowed(new Zend_Acl_Role($this->_role), $resource, $action)) {
         return;
     }

     $request->setModuleName($defaultModule)
         ->setControllerName('error')
         ->setActionName($this->_denyAction)
         ->setParam('error_handler', true);
 }
Ejemplo n.º 28
 /**
  * Deny access to this role for a particular permissible object (or globally).
  *
  * The permission name is used as the ACL role and the permissible object's
  * permission id (or the literal "GLOBAL") as the ACL resource. Both are
  * registered on demand before the deny rule is written.
  *
  * @param  string             $permission  permission to deny
  * @param  QFrame_Permissible $permissible (optional) permissible object to deny access to
  */
 public function deny($permission, QFrame_Permissible $permissible = null)
 {
     if ($permissible === null) {
         $resource = "GLOBAL";
     } else {
         $resource = $permissible->getPermissionID();
     }

     $roleMissing = !$this->acl->hasRole($permission);
     if ($roleMissing) {
         $this->acl->addRole(new Zend_Acl_Role($permission));
     }

     $resourceMissing = !$this->acl->has($resource);
     if ($resourceMissing) {
         $this->acl->add(new Zend_Acl_Resource($resource));
     }

     $this->acl->deny($permission, $resource);
 }
Ejemplo n.º 29
 /**
  * Loading allow rules must register each resource together with its
  * ancestors, and an allow on the leaf 'res.res.res' must not leak to the
  * ancestors 'res' and 'res.res'.
  *
  * @covers System_Acl_Loader_Options::load
  * @covers System_Acl_Loader_Options::<protected>
  */
 public function testLoadRules()
 {
     $allowRules = array(
         'test' => array('test'),
         'test1' => array('res-res_res', 'res1'),
     );
     $this->object->setOptions(array(
         System_Acl_Loader_Options::ACL => array(
             System_Acl_Loader_Options::RULE_ALLOW => $allowRules,
         ),
     ));
     $this->object->load();

     $acl = $this->acl;
     self::assertTrue($acl->isAllowed('test', 'test'));
     self::assertTrue($acl->isAllowed('test1', 'res1'));
     // 'res-res_res' is expected to end up as the chain res > res.res > res.res.res
     self::assertTrue($acl->has('res'));
     self::assertTrue($acl->inherits('res.res', 'res', true));
     self::assertTrue($acl->has('res.res'));
     self::assertTrue($acl->has('res.res.res'));
     // only the leaf is allowed, not its ancestors
     self::assertFalse($acl->isAllowed('test1', 'res'));
     self::assertFalse($acl->isAllowed('test1', 'res.res'));
     self::assertTrue($acl->isAllowed('test1', 'res.res.res'));
 }
Ejemplo n.º 30
 /**
  * Finds the configured resource whose id equals $resourceId and adds it,
  * with its allow and deny rules, to the ACL.
  *
  * A missing parent resource is added first through a recursive call. The
  * special resource 'all' is not registered as a resource; its rules are
  * added with a null resource instead. Nothing happens when the ACL already
  * has the resource or when no configured entry matches.
  *
  * NOTE(review): the parent recursion has no cycle guard; two entries naming
  * each other as parent would presumably recurse without end - confirm the
  * configuration is validated elsewhere.
  *
  * @param array $resources  configured resources, keyed by resource name
  * @param mixed $resourceId id of the resource to add
  * @return void
  * @throws Zend_Application_Resource_Exception when an entry has no id
  */
 private function _addResourceById(array $resources, $resourceId)
 {
     foreach ($resources as $resourceName => $properties) {
         $resourceName = strtolower($resourceName);
         // If the properties aren't set as an array, then we will consider
         // the value as the resource ID.
         if (!is_array($properties)) {
             $properties = array('id' => $properties);
         }
         // NOTE(review): an array without an 'id' key is read here before the
         // emptiness check below runs.
         $id = $properties['id'];
         $parent = null;
         $resource = null;
         $allowRules = array();
         $denyRules = array();
         // The entry named 'all' always carries the id 'all'.
         if ($resourceName === 'all') {
             $id = 'all';
         }
         if (is_null($id) || empty($id)) {
             throw new Zend_Application_Resource_Exception(sprintf($this->_missingPropertyMessage, 'ID', 'resource', $resourceName));
         }
         if (isset($properties['parent']) && !empty($properties['parent'])) {
             $parent = $properties['parent'];
         }
         if (isset($properties['allow']) && !empty($properties['allow'])) {
             $allowRules = $properties['allow'];
         }
         if (isset($properties['deny']) && !empty($properties['deny'])) {
             $denyRules = $properties['deny'];
         }
         // Loose comparison: ids are matched with ==, not ===.
         if ($id == $resourceId) {
             // Already registered: leave the existing rules alone.
             if ($this->_acl->has($resourceId)) {
                 return;
             }
             // The parent has to exist before a child can be attached to it.
             if (!is_null($parent)) {
                 if (!$this->_acl->has($parent)) {
                     $this->_addResourceById($resources, $parent);
                 }
             }
             // For 'all', $resource stays null and the rules below are added
             // with a null resource.
             if ($resourceId !== 'all') {
                 $resource = new Zend_Acl_Resource($resourceId);
                 $this->_acl->addResource($resource, $parent);
             }
             $this->_addRules(Zend_Acl::TYPE_ALLOW, $allowRules, $resource, $resourceName);
             $this->_addRules(Zend_Acl::TYPE_DENY, $denyRules, $resource, $resourceName);
             // Since we've finished adding the specified resource, let's break
             // from our loop.
             break;
         }
     }
 }