Exemple #1
 /**
  * Decide whether the current visitor may access the resource behind $request.
  *
  * A fresh Zend_Acl is built on every call: it holds the single resource
  * reported by User_Model_Acl_Resource and one "allow" rule per role listed
  * in that resource's privileges. The visitor's role is then checked against
  * it. Every path that cannot positively establish access returns false.
  *
  * This method only returns the decision; any redirect (forbidden page or
  * login) has to be done by the caller, which is not visible here.
  *
  * @param Zend_Controller_Request_Abstract $request Request handed to the
  *        resource model to look up privileges.
  * @return bool True when the visitor's role is allowed on the resource.
  */
 public function checkAccess(Zend_Controller_Request_Abstract $request)
 {
     $aclResource = new User_Model_Acl_Resource();
     // Presumably fills ->privileges and ->resource_id from the request; confirm in the model.
     $aclResource->getPrivileges($request);

     // Fail closed: a failed lookup or an empty privilege list means nobody gets in.
     if (!$aclResource->privileges || !$aclResource->resource_id) {
         return false;
     }

     $resourceId = $aclResource->resource_id;
     $acl = new Zend_Acl();
     $acl->add(new Zend_Acl_Resource($resourceId));

     foreach ($aclResource->privileges as $grant) {
         $grantedRole = $grant["role_id"];
         if ($acl->hasRole($grantedRole)) {
             // Role already registered (and allowed) by an earlier privilege row.
             continue;
         }
         $acl->addRole(new Zend_Acl_Role($grantedRole));
         $acl->allow($grantedRole, $resourceId);
     }

     $auth = Zend_Auth::getInstance();
     if ($auth->hasIdentity()) {
         // NOTE(review): the role is read from the identity held by Zend_Auth, so a
         // role change or revocation presumably takes effect only once that identity
         // is refreshed; confirm against the login code.
         $identity = $auth->getIdentity();
         $roleId = $identity['role_id'];

         // A role that was never granted anything is unknown to the ACL and is denied.
         return $acl->hasRole($roleId) && $acl->isAllowed($roleId, $resourceId);
     }

     // Anonymous visitor: evaluate the configured default role instead.
     $roleModel = new User_Model_Acl_Role();
     $roleModel->getDefaultRole();
     $defaultRole = $roleModel->default_role;
     if (!$defaultRole) {
         // No default role available, so anonymous access is denied.
         return false;
     }

     return $acl->hasRole($defaultRole) && $acl->isAllowed($defaultRole, $resourceId);
 }
Exemple #2
 /**
  * Queue the admin "menu" action of every module listed in the admin privileges.
  *
  * Runs only when the current route is 'admin' or 'admin_language'. For each
  * module in the admin privileges it makes sure <Module>_AdminController is
  * loaded and, if that class has a menuAction method, pushes a
  * menu/admin/<module> request onto the action stack with the module's
  * actions (flipped into keys) as the 'admin_actions' parameter.
  *
  * @param Zend_Controller_Request_Abstract $request Current request (not read here).
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     $routeName = Zend_Controller_Front::getInstance()->getRouter()->getCurrentRouteName();
     $adminRoutes = array('admin', 'admin_language');
     if (!in_array($routeName, $adminRoutes)) {
         return;
     }

     $aclResource = new User_Model_Acl_Resource();
     // Presumably fills ->admin_privileges for the current user; confirm in the model.
     $aclResource->getAdminPrivileges();
     if (!$aclResource->admin_privileges) {
         return;
     }

     $menuStack = new Zend_Controller_Plugin_ActionStack();
     foreach ($aclResource->admin_privileges as $module => $actions) {
         $controllerClass = ucfirst($module) . '_AdminController';
         if (!class_exists($controllerClass)) {
             // NOTE(review): $module is concatenated into a filesystem path that is then
             // loaded as PHP. This is safe only if the admin_privileges keys are limited
             // to known module names; confirm where they come from and that they cannot
             // contain path separators.
             $controllerFile = APPLICATION_PATH . '/modules/' . $module . '/controllers/AdminController.php';
             Zend_Loader::loadFile($controllerFile);
         }

         // Constructed outside the try block, so a class that still cannot be found
         // is not silenced by the catch below.
         $classInfo = new Zend_Reflection_Class($controllerClass);
         try {
             if ($classInfo->getMethod('menuAction')) {
                 $menuRequest = new Zend_Controller_Request_Simple(
                     'menu',
                     'admin',
                     $module,
                     array('admin_actions' => array_flip($actions))
                 );
                 $menuStack->pushStack($menuRequest);
             }
         } catch (Exception $e) {
             // Best effort: a controller without menuAction contributes no menu entry.
             // NOTE(review): this also hides any exception raised while building or
             // pushing the request; consider logging $e.
         }
     }
 }