/**
* Create auth adapter
*
* @param string $rolefile File containing XML with users and roles
*/
public function __construct($rolefile)
{
$this->acl = new Acl();
$xml = simplexml_load_file($rolefile);
/*
Roles file format:
<roles>
<role id=”admin”>
<user name=”user1” password=”pwd”/>
</role>
<role id=”hr”>
<user name=”user2” password=”pwd2”/>
</role>
</roles>
*/
foreach($xml->role as $role) {
$this->acl->addRole(new Role\GenericRole((string)$role["id"]));
foreach($role->user as $user) {
$this->users[(string)$user['name']] = array(
'password' => (string)$user['password'],
'role' => (string)$role['id']
);
}
}
}
public function testAclFiltersAwayPagesFromContainerSearch()
{
$acl = new Acl\Acl();
$acl->addRole(new Role\GenericRole('member'));
$acl->addRole(new Role\GenericRole('admin'));
$acl->addResource(new Resource\GenericResource('protected'));
$acl->allow('admin', 'protected');
$this->_helper->setAcl($acl);
$this->_helper->setRole($acl->getRole('member'));
$oldContainer = $this->_helper->getContainer();
$container = $this->_helper->getContainer();
$iterator = new \RecursiveIteratorIterator(
$container,
\RecursiveIteratorIterator::SELF_FIRST);
foreach ($iterator as $page) {
$page->resource = 'protected';
}
$this->_helper->setContainer($container);
$active = $this->_helper->findOneByLabel('Home');
$search = array(
'start' => 'Page 1',
'next' => 'Page 1',
'prev' => 'Page 1.1',
'chapter' => 'Home',
'section' => 'Page 1',
'subsection' => 'Page 2.2'
);
$expected = array();
$actual = array();
foreach ($search as $type => $active) {
$expected[$type] = false;
$active = $this->_helper->findOneByLabel($active);
$found = $this->_helper->findRelation($active, 'rel', $type);
if (null === $found) {
$actual[$type] = false;
} elseif (is_array($found)) {
$actual[$type] = 'array(' . count($found) . ')';
} else {
$actual[$type] = $found->getLabel();
}
}
$this->assertEquals($expected, $actual);
}
/**
* Sets up ACL
*
* @return Acl
*/
protected function _getAcl()
{
$acl = new Acl();
$acl->addRole(new GenericRole('guest'));
$acl->addRole(new GenericRole('member'), 'guest');
$acl->addRole(new GenericRole('admin'), 'member');
$acl->addRole(new GenericRole('special'), 'member');
$acl->addResource(new GenericResource('guest_foo'));
$acl->addResource(new GenericResource('member_foo'), 'guest_foo');
$acl->addResource(new GenericResource('admin_foo', 'member_foo'));
$acl->addResource(new GenericResource('special_foo'), 'member_foo');
$acl->allow('guest', 'guest_foo');
$acl->allow('member', 'member_foo');
$acl->allow('admin', 'admin_foo');
$acl->allow('special', 'special_foo');
$acl->allow('special', 'admin_foo', 'read');
return array('acl' => $acl, 'role' => 'special');
}
/**
* @group ZF-7973
*/
public function testAclPassesPrivilegeToAssertClass()
{
$assertion = new TestAsset\AssertionZF7973();
$acl = new Acl\Acl();
$acl->addRole('role');
$acl->addResource('resource');
$acl->allow('role', null, null, $assertion);
$allowed = $acl->isAllowed('role', 'resource', 'privilege', $assertion);
$this->assertTrue($allowed);
}
/**
* This can load roles in simple structure only for now
* array(
* 'myuser' => 'user'
* 'superuser' => array('admin', 'user','auth', 'guest')
* )
*
* @author mz
* @param ZendAcl $acl
* @param array $roles
*/
protected function loadRoles(ZendAcl $acl, array $roles)
{
foreach ($roles as $role => $parentRoles) {
$acl->addRole($role, $parentRoles);
}
}