/** * Populate ACL with roles from external storage. * * @param Magento_Acl $acl */ public function populateAcl(Magento_Acl $acl) { $roleList = $this->_roleResource->getRolesIds(); foreach ($roleList as $roleId) { /** @var $aclRole Mage_Webapi_Model_Authorization_Role */ $aclRole = $this->_roleFactory->createRole(array($roleId)); $acl->addRole($aclRole); //Deny all privileges to Role. Some of them could be allowed later by whitelist $acl->deny($aclRole); } }
/** * Populate ACL with roles from external storage * * @param Magento_Acl $acl */ public function populateAcl(Magento_Acl $acl) { $roleTableName = $this->_resource->getTableName('admin_role'); $adapter = $this->_resource->getConnection('read'); $select = $adapter->select()->from($roleTableName)->order('tree_level'); foreach ($adapter->fetchAll($select) as $role) { $parent = $role['parent_id'] > 0 ? Mage_User_Model_Acl_Role_Group::ROLE_TYPE . $role['parent_id'] : null; switch ($role['role_type']) { case Mage_User_Model_Acl_Role_Group::ROLE_TYPE: $roleId = $role['role_type'] . $role['role_id']; $acl->addRole($this->_objectFactory->getModelInstance('Mage_User_Model_Acl_Role_Group', array('roleId' => $roleId)), $parent); break; case Mage_User_Model_Acl_Role_User::ROLE_TYPE: $roleId = $role['role_type'] . $role['user_id']; if (!$acl->hasRole($roleId)) { $acl->addRole($this->_objectFactory->getModelInstance('Mage_User_Model_Acl_Role_User', array('roleId' => $roleId)), $parent); } else { $acl->addRoleParent($roleId, $parent); } break; } } }