/**
* Returns an existing or new access control list
*
* @returns AclList
*/
public function getAcl()
{
if (!isset($this->persistent->acl)) {
$acl = new AclList();
$acl->setDefaultAction(Acl::DENY);
$config = $this->getDI()->get('config')->acl;
//Register roles
foreach ($config->roles as $role => $inheritance) {
$role = new Role($role);
if ($acl->isRole($inheritance) && !is_null($inheritance)) {
$inheritance = new Role($inheritance);
}
$acl->addRole($role, $inheritance);
}
//Register resources
foreach ($config->resources as $resource => $actions) {
$acl->addResource(new Resource($resource), $actions->toArray());
}
//Privileges
foreach ($config->privilege as $role => $methodList) {
foreach ($methodList as $method => $levels) {
foreach ($levels as $resource => $accessList) {
foreach ($accessList as $access) {
if ($method == 'allow') {
$acl->allow($role, $resource, $access);
} else {
$acl->deny($role, $resource, $access);
}
}
}
}
}
//The acl is stored in session, APC would be useful here too
$this->persistent->acl = $acl;
}
return $this->persistent->acl;
}
public function isRole($roleName)
{
return parent::isRole($roleName);
}
/**
* Tests the role name
*
* @author Nikos Dimopoulos <*****@*****.**>
* @since 2012-11-04
*/
public function testRoleName()
{
$acl = new PhAclMem();
$aclRole = new PhAclRole('Administrators', 'Super User access');
$acl->addRole($aclRole);
$exists = $acl->isRole('Administrators');
$this->assertTrue($exists, 'Acl\\Role does not exist in Acl');
}
