/
Controller.php
67 lines (58 loc) · 1.57 KB
/
Controller.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?php
namespace ZfcRbac\Firewall;
class Controller extends AbstractFirewall
{
/**
* @var array
*/
protected $rules = array();
/**
* @param array $rules
*/
public function __construct(array $rules)
{
foreach($rules as $rule) {
if (!is_array($rule['roles'])) {
$rule['roles'] = array($rule['roles']);
}
if (isset($rule['actions'])) {
$rule['actions'] = (array) $rule['actions'];
foreach ($rule['actions'] as $action) {
$this->rules[$rule['controller']][$action] = $rule['roles'];
}
} else {
$this->rules[$rule['controller']] = $rule['roles'];
}
}
}
/**
* Checks if access is granted to resource for the role.
*
* @param string $resource
* @return bool
*/
public function isGranted($resource)
{
$resource = explode(':', $resource);
$controller = $resource[0];
$action = isset($resource[1]) ? $resource[1] : null;
// Check action first
if (isset($this->rules[$controller][$action])) {
$roles = $this->rules[$controller][$action];
} elseif (isset($this->rules[$controller])) {
$roles = $this->rules[$controller];
} else {
return true;
}
return $this->rbac->hasRole($roles);
}
/**
* Get the firewall name.
*
* @return string
*/
public function getName()
{
return 'controller';
}
}