/** * Create the form-service * * @param \Zend\ServiceManager\ServiceLocatorInterface $serviceLocator * @return \Zend\Permissions\Acl\Acl */ public function createService(ServiceLocatorInterface $serviceLocator) { // Configure the locale $config = $serviceLocator->get('Configuration'); $srvConfig = isset($config['acl']) ? $config['acl'] : array(); $acl = new Acl(); if (!empty($srvConfig['roles'])) { foreach ((array) $srvConfig['roles'] as $role => $parents) { $acl->addRole((string) $role, $parents); } } if (!empty($srvConfig['resources'])) { foreach ((array) $srvConfig['resources'] as $resource => $parent) { $acl->addResource($resource, $parent); } } if (!empty($srvConfig['allow'])) { foreach ((array) $srvConfig['allow'] as $allow) { $acl->allow($allow['role'], $allow['resource'], $allow['privilege']); } } if (!empty($srvConfig['deny'])) { foreach ((array) $srvConfig['deny'] as $deny) { $acl->deny($deny['role'], $deny['resource'], $deny['privilege']); } } return $acl; }
public function testReturnsFalseIfIdentityFailsAcls() { $listener = $this->listener; $this->authorization->addResource('Foo\\Bar\\Controller::index'); $this->authorization->deny('guest', 'Foo\\Bar\\Controller::index', 'POST'); $this->mvcAuthEvent->setResource('Foo\\Bar\\Controller::index'); $this->mvcAuthEvent->getMvcEvent()->getRequest()->setMethod('POST'); $this->authentication->setIdentity(new GuestIdentity()); $this->assertFalse($listener($this->mvcAuthEvent)); }
/** * Sets up permissions for the module * * @param \Acl $acl */ public static function addSongbookPrivileges($acl) { $acl->addRole('songbook - vstup'); $acl->addRole('songbook - vytváření/editace', 'songbook - vstup'); $acl->addRole('songbook - mazání', 'songbook - vytváření/editace'); $acl->addResource("Oddil:Songbook"); $acl->allow("base - člen", "Oddil:Songbook", "display"); $acl->allow("songbook - vstup", "Oddil:Songbook", "default"); $acl->allow("songbook - vytváření/editace", "Oddil:Songbook", ["add", "edit"]); $acl->allow("songbook - mazání", "Oddil:Songbook", "delete"); }
/** * @param \Acl $acl */ private function addVIPChroniclePermissions($acl) { $acl->addRole('vip - vstup'); $acl->addRole('vip - vytváření/editace', 'vip - vstup'); $acl->addRole('vip - popisky', 'vip - vytváření/editace'); $acl->addRole('vip - generování', 'vip - popisky'); $acl->addRole('vip - zobrazování', 'vip - generování'); $acl->addRole('vip - mazání', 'vip - zobrazování'); $acl->addResource(self::MODULE_NAME . ':Admin:Vipchronicle'); $acl->allow('vip - vstup', self::MODULE_NAME . ':Admin:Vipchronicle', 'default'); $acl->allow('vip - vytváření/editace', self::MODULE_NAME . ':Admin:Vipchronicle', 'create'); $acl->allow('vip - vytváření/editace', self::MODULE_NAME . ':Admin:Vipchronicle', 'edit'); $acl->allow('vip - popisky', self::MODULE_NAME . ':Admin:Vipchronicle', 'photos'); $acl->allow('vip - generování', self::MODULE_NAME . ':Admin:Vipchronicle', 'generate'); $acl->allow('vip - zobrazování', self::MODULE_NAME . ':Admin:Vipchronicle', 'show'); $acl->allow('vip - mazání', self::MODULE_NAME . ':Admin:Vipchronicle', 'delete'); }