public function fillResources(array $resourcesConfig) { foreach ($resourcesConfig as $resource => $options) { $inherit = $this->getOption($options, self::INHERIT); if (null !== $inherit && !is_string($inherit) && !$inherit instanceof ResourceInterface) { throw new Exceptions\RuntimeException('Inherit option must be a string or implement ResourceInterface for resources'); } $this->acl->addResource($resource, $inherit); $privileges = $this->getOption($options, self::PRIVILEGES, []); foreach ($privileges as $role => $actions) { $this->acl->allow([$role], [$resource], $actions); } } }
/** * @param string|ResourceInterface $resource */ private function loadResource($resource) { if ($this->acl->hasResource($resource)) { return; } $parent = null; if ($resource instanceof HierarchicalResourceInterface && ($parent = $resource->getParent())) { is_array($parent) ? $this->loadResources($parent) : $this->loadResource($parent); } $this->acl->addResource($resource, $parent); }
public function configureAcl(AclInterface $acl) { foreach ($this->getRoles() as $roleId => $parents) { $acl->addRole(new GenericRole($roleId), $parents); foreach ($this->getRules($roleId, 'allow') as $spec) { if (!$acl->hasResource($spec['resource'])) { $acl->addResource(new GenericResource($spec['resource'])); } $acl->allow($roleId, $spec['resource'], $spec['privilege'], $spec['assertion']); } foreach ($this->getRules($roleId, 'deny') as $spec) { if (null !== $spec['resource'] && !$acl->hasResource($spec['resource'])) { $acl->addResource(new GenericResource($spec['resource'])); } $acl->deny($roleId, $spec['resource'], $spec['privilege'], $spec['assertion']); } } return $acl; }
/** * @return AclInterface * @throws \Zend\Permissions\Acl\Exception\InvalidArgumentException */ protected function getAcl() { if ($this->acl === null) { $this->acl = new Acl(); foreach ($this->getRoleProvider()->getRoles() as $role) { $this->acl->addRole($role); } foreach ($this->getResourceProvider()->getResources() as $resource) { if ($resource instanceof Resource) { $this->acl->addResource($resource, $resource->getParentId()); } } foreach ($this->getRuleProvider()->getRules() as $rule) { if ($rule instanceof Rule) { $this->acl->allow($rule->getRoles(), $rule->getResources(), $rule->getPrivileges()); } } } return $this->acl; }