/** * Load Acl resources from config * * @param Mage_Api_Model_Acl $acl * @param Mage_Core_Model_Config_Element $resource * @param string $parentName * @return Mage_Api_Model_Config */ public function loadAclResources(Mage_Api_Model_Acl $acl, $resource = null, $parentName = null) { $resourceName = null; if (is_null($resource)) { $resource = $this->getNode('acl/resources'); } else { $resourceName = (is_null($parentName) ? '' : $parentName . '/') . $resource->getName(); $acl->add(Mage::getModel('api/acl_resource', $resourceName), $parentName); } $children = $resource->children(); if (empty($children)) { return $this; } foreach ($children as $res) { if ($res->getName() != 'title' && $res->getName() != 'sort_order') { $this->loadAclResources($acl, $res, $resourceName); } } return $this; }
/** * Load rules * * @param Mage_Api_Model_Acl $acl * @param array $rulesArr * @return Mage_Api_Model_Mysql4_Acl */ function loadRules(Mage_Api_Model_Acl $acl, array $rulesArr) { foreach ($rulesArr as $rule) { $role = $rule['role_type'] . $rule['role_id']; $resource = $rule['resource_id']; $privileges = !empty($rule['privileges']) ? explode(',', $rule['privileges']) : null; $assert = null; if (0 != $rule['assert_id']) { $assertClass = AO::getSingleton('api/config')->getAclAssert($rule['assert_type'])->getClassName(); $assert = new $assertClass(unserialize($rule['assert_data'])); } try { if ($rule['permission'] == 'allow') { $acl->allow($role, $resource, $privileges, $assert); } else { if ($rule['permission'] == 'deny') { $acl->deny($role, $resource, $privileges, $assert); } } } catch (Exception $e) { //$m = $e->getMessage(); //if ( eregi("^Resource '(.*)' not found", $m) ) { // Deleting non existent resource rule from rules table //$cond = $this->_write->quoteInto('resource_id = ?', $resource); //$this->_write->delete(AO::getSingleton('core/resource')->getTableName('admin/rule'), $cond); //} else { //TODO: We need to log such exceptions to somewhere like a system/errors.log //} } /* switch ($rule['permission']) { case Mage_Api_Model_Acl::RULE_PERM_ALLOW: $acl->allow($role, $resource, $privileges, $assert); break; case Mage_Api_Model_Acl::RULE_PERM_DENY: $acl->deny($role, $resource, $privileges, $assert); break; } */ } return $this; }