protected function _initAcl() { $acl = new Zend_Acl(); $acl->addRole(Infra_AclHelper::ROLE_GUEST); $currentRole = Infra_AclHelper::getCurrentRole(); $currentPermissions = Infra_AclHelper::getCurrentPermissions(); if (!$acl->hasRole($currentRole)) { $acl->addRole($currentRole); } $accessItems = Zend_Registry::get('config')->access; $allAccess = array(); foreach ($accessItems as $resource => $accessConfig) { if (!$accessConfig instanceof Zend_Config) { $requiredPermissions = $accessConfig; } else { if (isset($accessConfig->all)) { $requiredPermissions = $accessConfig->all; } else { continue; } } $acl->addResource(new Zend_Acl_Resource($resource)); if ($requiredPermissions) { $allow = true; if ($requiredPermissions != '*') { $allAccess[$resource] = $requiredPermissions; $requiredPermissions = array_map('trim', explode(',', $requiredPermissions)); foreach ($requiredPermissions as $required) { if (!in_array($required, $currentPermissions, true)) { $allow = false; break; } } } if ($allow) { $acl->allow($currentRole, $resource); } else { $acl->deny($currentRole, $resource); } } } foreach ($accessItems as $resource => $accessConfig) { if ($accessConfig instanceof Zend_Config) { foreach ($accessConfig as $action => $requiredPermissions) { if ($action == 'all') { continue; } $acl->addResource(new Zend_Acl_Resource($resource . $action), $resource); $allow = true; if ($requiredPermissions != '*') { if (isset($allAccess[$resource])) { $requiredPermissions .= ',' . $allAccess[$resource]; } $requiredPermissions = array_map('trim', explode(',', $requiredPermissions)); foreach ($requiredPermissions as $required) { if (!in_array($required, $currentPermissions, true)) { $allow = false; break; } } } else { //If no special permission is required to view this resource, it should be added to the whitelisted resources $resourceUrl = "{$resource}/{$action}"; Infra_AuthPlugin::addToWhitelist($resourceUrl); } if ($allow) { $acl->allow($currentRole, $resource, $action); } else { $acl->deny($currentRole, $resource, $action); } } } } Zend_Registry::set('acl', $acl); }
public function listAction() { $request = $this->getRequest(); $page = $this->_getParam('page', 1); $pageSize = $this->_getParam('pageSize', 10); // reset form url $action = $this->view->url(array('controller' => $request->getParam('controller'), 'action' => $request->getParam('action')), null, true); $client = Infra_ClientHelper::getClient(); $form = new Form_PartnerFilter(); $form->setAction($action); $systemPartnerPlugin = Kaltura_Client_SystemPartner_Plugin::get($client); $partnerPackages = $systemPartnerPlugin->systemPartner->getPackages(); Form_PackageHelper::addPackagesToForm($form, $partnerPackages, 'partner_package', true, 'All Service Editions'); if ($request->isPost() && $request->getParam('filter_type')) { $form->isValid($request->getPost()); } $this->view->partnerPackages = array(); foreach ($partnerPackages as $package) { $this->view->partnerPackages[$package->id] = $package->name; } // init filter $partnerFilter = $this->getPartnerFilterFromRequest($request); // if non-commercial partners are not allowed, add to filter if (Infra_AclHelper::isAllowed('partner', 'commercial')) { $this->view->commercialFiltered = false; } else { $this->view->commercialFiltered = true; $partnerFilter->partnerPackageLessThanOrEqual = self::PARTNER_PACKAGE_FREE; } // get results and paginate $systemPartnerPlugin = Kaltura_Client_SystemPartner_Plugin::get($client); $paginatorAdapter = new Infra_FilterPaginator($systemPartnerPlugin->systemPartner, "listAction", null, $partnerFilter); $paginator = new Infra_Paginator($paginatorAdapter, $request); $paginator->setCurrentPageNumber($page); $paginator->setItemCountPerPage($pageSize); // popule the form $form->populate($request->getParams()); // set view $this->view->form = $form; $this->view->paginator = $paginator; $plugins = array(); $pluginInstances = KalturaPluginManager::getPluginInstances('IKalturaAdminConsolePages'); $partnerActionPluginPages = array(); foreach ($pluginInstances as $pluginInstance) { $pluginPages = $pluginInstance->getApplicationPages(Infra_AclHelper::getCurrentPermissions()); foreach ($pluginPages as $pluginPage) { if ($pluginPage instanceof IKalturaAdminConsolePublisherAction && $pluginPage->accessCheck(Infra_AclHelper::getCurrentPermissions())) { $partnerActionPluginPages[] = $pluginPage; } } } $this->view->partnerActionPluginPages = $partnerActionPluginPages; }