/** * Return the cached description of the roles * that have access to this controller * * @param string $controllerClassName * @return array */ public static function getControllerAccess($controllerClassName) { try { $returnValue = self::getCacheImplementation()->get(self::SERIAL_PREFIX_MODULE . $controllerClassName); } catch (common_cache_Exception $e) { $extId = funcAcl_helpers_Map::getExtensionFromController($controllerClassName); $extension = funcAcl_helpers_Map::getUriForExtension($extId); $module = funcAcl_helpers_Map::getUriForController($controllerClassName); $serial = self::buildModuleSerial(new core_kernel_classes_Resource($module)); $roleClass = new core_kernel_classes_Class(CLASS_ROLE); $accessProperty = new core_kernel_classes_Property(PROPERTY_ACL_GRANTACCESS); $actionIdentifierProperty = new core_kernel_classes_Property(PROPERTY_ACL_COMPONENT_ID); $memberOfProperty = new core_kernel_classes_Property(PROPERTY_ACL_ACTION_MEMBEROF); $returnValue = array('module' => array(), 'actions' => array()); // roles by extensions $roles = $roleClass->searchInstances(array($accessProperty->getUri() => $extension), array('recursive' => true, 'like' => false)); foreach ($roles as $grantedRole) { $returnValue['module'][] = $grantedRole->getUri(); } // roles by controller $filters = array($accessProperty->getUri() => $module); $options = array('recursive' => true, 'like' => false); foreach ($roleClass->searchInstances($filters, $options) as $grantedRole) { $returnValue['module'][] = $grantedRole->getUri(); } // roles by action foreach (ControllerHelper::getActions($controllerClassName) as $actionName) { $actionUri = funcAcl_helpers_Map::getUriForAction($controllerClassName, $actionName); $rolesForAction = $roleClass->searchInstances(array($accessProperty->getUri() => $actionUri), array('recursive' => true, 'like' => false)); if (!empty($rolesForAction)) { $actionName = funcAcl_helpers_Map::getActionFromUri($actionUri); $returnValue['actions'][$actionName] = array(); foreach ($rolesForAction as $roleResource) { $returnValue['actions'][$actionName][] = $roleResource->getUri(); } } } self::getCacheImplementation()->put($returnValue, self::SERIAL_PREFIX_MODULE . $controllerClassName); } return $returnValue; }
protected function buildControllerData($controllerClassName, $roleUri, $includedRoleUris) { $modUri = funcAcl_helpers_Map::getUriForController($controllerClassName); $moduleAccess = funcAcl_helpers_Cache::getControllerAccess($controllerClassName); $uri = explode('#', $modUri); list($type, $extId, $modId) = explode('_', $uri[1]); $access = self::ACCESS_NONE; if (count(array_intersect($includedRoleUris, $moduleAccess['module'])) > 0) { $access = self::ACCESS_INHERITED; } elseif (true === in_array($roleUri, $moduleAccess['module'])) { $access = self::ACCESS_FULL; } else { // have a look at actions. foreach ($moduleAccess['actions'] as $roles) { if (in_array($roleUri, $roles) || count(array_intersect($includedRoleUris, $roles)) > 0) { $access = self::ACCESS_PARTIAL; break; } } } return array('uri' => $modUri, 'label' => $modId, 'access' => $access); }