/** * Registers services on the given app. * * This method should only be used to configure services and parameters. * It should not get services. * * @param Application $app */ public function register(Application $app) { $app['zend.acl.role_hierarchy'] = isset($app['zend.acl.role_hierarchy']) ? $app['zend.acl.role_hierarchy'] : []; $app['zend.acl.resource_hierarchy'] = isset($app['zend.acl.resource_hierarchy']) ? $app['zend.acl.resource_hierarchy'] : []; $app['zend.acl.access_control.allow'] = isset($app['zend.acl.access_control.allow']) ? $app['zend.acl.access_control.allow'] : []; $app['zend.acl.access_control.deny'] = isset($app['zend.acl.access_control.deny']) ? $app['zend.acl.access_control.deny'] : []; $app['zend.acl'] = $app->share(function () use($app) { $acl = new Acl($app['zend.acl.resource_hierarchy']); $acl->setRoleRegistry(new Registry($app['zend.acl.role_hierarchy'])); foreach ($app['zend.acl.access_control.allow'] as $rule) { list($roles, $resources, $privileges, $assertion) = $rule; $acl->allow($roles, $resources, $privileges, is_string($assertion) ? $app[$assertion] : $assertion); } foreach ($app['zend.acl.access_control.deny'] as $rule) { list($roles, $resources, $privileges, $assertion) = $rule; $acl->deny($roles, $resources, $privileges, is_string($assertion) ? $app[$assertion] : $assertion); } return $acl; }); }