/**
  * Returns true if and only if the assertion conditions are met
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  null                        $privilege
  * @return bool
  * @throws Exception
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     switch (true) {
         case $resource instanceof OrgModelAbstract:
             return $orgId === $resource->getParentId();
         case $resource instanceof Model\PreBillModel:
             return true;
             //TODO: we need serviceProviderId from ericsson
             return $orgId === $resource->getServiceProvider()->getId();
         case $resource instanceof UserModel:
             try {
                 $org = $resource->getOrganization();
                 if (NULL !== $org) {
                     return $orgId === $org->getParentId();
                 }
                 App::log()->err("User (" . $resource->getId() . ") organization (" . $resource->getOrganizationId() . ") doesn't exist");
                 return false;
             } catch (Exception $e) {
                 return false;
             }
         case $resource instanceof Model\CommercialGroupModel:
             // customerId is one of service provider customers?
             // TODO aggregatorId case?
             $org = OrgService::getInstance()->load($resource->getCustomerId());
             return $org && $orgId === $org->getParentId();
         case $resource instanceof Model\ReportModel:
             $params = $resource->getParams();
             if (isset($params['orgId']) && !empty($params['orgId'])) {
                 $org = OrgService::getInstance()->load($params['orgId']);
                 return $org && $orgId === $org->getParentId();
             } else {
                 return true;
             }
     }
     throw new Exception('Resource must be an instance of OrgModelAbstract or UserModel');
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     $org = Service\OrgService::getInstance()->load($orgId);
     if (!$org) {
         return false;
     }
     switch (true) {
         case $resource instanceof Model\ServicePackModel:
             return $org->getParentId() === $resource->getServiceProvider();
     }
     throw new Exception('Resource must be an instance of ServicePack');
 }