function dropNamespace($ns)
{
$mapper = Application\Model\Mapper\PermissionMapper::getInstance();
echo "Removing old {$ns} data...\n";
$namespace = $mapper->getNamespace($ns, true);
$namespace->dropCollection();
echo "Old data removed!\n";
}
function updateNamespace($ns, $file)
{
echo "Parsing namespace '{$ns}' ({$file})...\n";
$acl = App_Acl_Factory::createAclFromFile($file, true);
echo "Namespace parsed!\n";
$mapper = Application\Model\Mapper\PermissionMapper::getInstance();
$namespace = $mapper->getNamespace($ns, true);
echo "Creating new permission map for namespace '{$ns}'...\n";
$roles = $acl->getRoles();
$resPrivs = $acl->getAllPrivileges();
foreach ($roles as $role) {
// Divide roles into role-orgType
$aRole = explode('-', $role);
if (count($aRole) <= 1) {
echo "Ignoring role {$role}...\n";
continue;
}
$thisOrgType = array_pop($aRole);
$roleName = implode('-', $aRole);
if ($roleName == 'org' || !in_array($thisOrgType, array('super', 'master', 'provider', 'customer', 'aggregator', 'enduser'))) {
echo "Ignoring role {$role}...\n";
continue;
}
echo "Creating permission map for {$role}...\n";
$mapper->addRoleId($role);
$allowed = $acl->getAllowedMapForRole($role);
foreach ($resPrivs as $resource => $privs) {
echo "Creating resource '{$resource}' for {$role}...";
$namespace->namespaceAddResource($resource);
echo " Resource created!\n";
foreach ($privs as $priv) {
$isAllowed = in_array($priv, isset($allowed[$resource]) ? $allowed[$resource] : array());
if (!$isAllowed) {
continue;
}
$asserts = array();
// Getting an App_Acl_Assert_Combine instance!
$as = $acl->getAssert($role, $resource, $priv);
$as = $as ? $as->getAsserts() : array();
foreach ($as as $assert) {
$asserts[] = $assert;
}
$namespace->setPermission($role, $resource, $priv, $asserts);
}
}
echo "Permission map for {$role} created!\n";
}
echo "Permission map for namespace '{$ns}' created!\n";
}
