public function testAclFiltersAwayPagesFromContainerSearch() { $acl = new Acl\Acl(); $acl->addRole(new Role\GenericRole('member')); $acl->addRole(new Role\GenericRole('admin')); $acl->addResource(new Resource\GenericResource('protected')); $acl->allow('admin', 'protected'); $this->_helper->setAcl($acl); $this->_helper->setRole($acl->getRole('member')); $oldContainer = $this->_helper->getContainer(); $container = $this->_helper->getContainer(); $iterator = new \RecursiveIteratorIterator( $container, \RecursiveIteratorIterator::SELF_FIRST); foreach ($iterator as $page) { $page->resource = 'protected'; } $this->_helper->setContainer($container); $active = $this->_helper->findOneByLabel('Home'); $search = array( 'start' => 'Page 1', 'next' => 'Page 1', 'prev' => 'Page 1.1', 'chapter' => 'Home', 'section' => 'Page 1', 'subsection' => 'Page 2.2' ); $expected = array(); $actual = array(); foreach ($search as $type => $active) { $expected[$type] = false; $active = $this->_helper->findOneByLabel($active); $found = $this->_helper->findRelation($active, 'rel', $type); if (null === $found) { $actual[$type] = false; } elseif (is_array($found)) { $actual[$type] = 'array(' . count($found) . ')'; } else { $actual[$type] = $found->getLabel(); } } $this->assertEquals($expected, $actual); }
/** * @group ZF-7973 */ public function testAclPassesPrivilegeToAssertClass() { $assertion = new TestAsset\AssertionZF7973(); $acl = new Acl\Acl(); $acl->addRole('role'); $acl->addResource('resource'); $acl->allow('role', null, null, $assertion); $allowed = $acl->isAllowed('role', 'resource', 'privilege', $assertion); $this->assertTrue($allowed); }
function initAcl(ZendAcl $acl) { $acl->allow("testrole", null, "hello"); $acl->allow("testrole2", null, "hello2"); return true; }
/** * Sets up ACL * * @return Acl */ protected function _getAcl() { $acl = new Acl(); $acl->addRole(new GenericRole('guest')); $acl->addRole(new GenericRole('member'), 'guest'); $acl->addRole(new GenericRole('admin'), 'member'); $acl->addRole(new GenericRole('special'), 'member'); $acl->addResource(new GenericResource('guest_foo')); $acl->addResource(new GenericResource('member_foo'), 'guest_foo'); $acl->addResource(new GenericResource('admin_foo', 'member_foo')); $acl->addResource(new GenericResource('special_foo'), 'member_foo'); $acl->allow('guest', 'guest_foo'); $acl->allow('member', 'member_foo'); $acl->allow('admin', 'admin_foo'); $acl->allow('special', 'special_foo'); $acl->allow('special', 'admin_foo', 'read'); return array('acl' => $acl, 'role' => 'special'); }
protected function loadRule(ZendAcl $acl, array $rule, $type) { $privileges = null; if (count($rule) == 3) { //role/resource/privilege defined list($roles, $resources, $privileges) = $rule; } else { if (count($rule) == 2) { //role/resource defined list($roles, $resources) = $rule; } else { throw new InvalidArgumentException("What is this rule definition about? " . print_r($rule, true)); } } if ($type == 'allow') { $acl->allow($roles, $resources, $privileges); } else { $acl->deny($roles, $resources, $privileges); } }