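/**
 * Pre-dispatch hook shared by every controller built from this template.
 *
 * Two responsibilities, in order:
 *  1. Access control: when the requested controller is registered as an ACL
 *     resource, an authenticated identity is required and one of the user's
 *     roles must be 'admin' or be allowed on the resource (narrowed to the
 *     requested action as privilege when that mapping exists). Otherwise the
 *     request is redirected to '/'.
 *  2. Page-visit history: for authenticated users outside the ignore list,
 *     either the raw request URL or the (controller, action) pair is stored,
 *     depending on the history_url setting in application.ini.
 *
 * The template controller itself ('controller') is never served; it is
 * redirected to '/'.
 *
 * Side effects: may call $this->_redirect(); always sets $this->_store_url
 * (when not redirected earlier) from the history_url config value.
 *
 * @return mixed whatever $this->_redirect() returns on redirect, else void
 */
public function init()
{
    $controllerName = strtolower($this->_request->getControllerName());
    $actionName = strtolower($this->_request->getActionName());

    // This controller is a template; it must never be reachable directly.
    if ($controllerName === 'controller') {
        return $this->_redirect('/');
    }

    if (!$this->_isAccessAllowed($controllerName, $actionName)) {
        return $this->_redirect('/');
    }

    $this->_recordPageVisit($controllerName, $actionName);
}

/**
 * Decide whether the current user may reach $controllerName/$actionName.
 *
 * Controllers that are not registered as ACL resources are open to everyone.
 * For registered resources an identity is required, and at least one of the
 * roles in the 'acl_user' registry entry must be 'admin' or be allowed on the
 * resource by the 'acl' registry entry. The action name is used as the ACL
 * privilege only when it is a registered privilege linked to this resource;
 * otherwise the resource is checked with a null privilege.
 *
 * @param string $controllerName lower-cased controller name from the request
 * @param string $actionName     lower-cased action name from the request
 * @return bool
 */
private function _isAccessAllowed($controllerName, $actionName)
{
    $resourceMapper = new Application_Model_ResourceMapper();
    $resources = $resourceMapper->findByResource($controllerName);
    if (!$resources) {
        return true; // not a protected resource
    }
    $resource = $resources[0];

    if (!Zend_Auth::getInstance()->hasIdentity()) {
        return false;
    }

    $privilegeName = $this->_resolvePrivilegeName($resource, $actionName);

    $acl = Zend_Registry::get('acl');
    $aclUser = Zend_Registry::get('acl_user');
    if (!count($aclUser)) {
        return false; // a user without roles can never be allowed
    }

    foreach ($aclUser as $row) {
        $role = $row->getRole();
        // Strict comparison on purpose: with loose == a non-string role value
        // (e.g. int 0 on PHP < 8) compares equal to 'admin' and grants everything.
        if ($role === 'admin' || $acl->isAllowed($role, $controllerName, $privilegeName)) {
            return true;
        }
    }

    return false;
}

/**
 * Map the requested action to an ACL privilege name for $resource.
 *
 * Returns the privilege name only when the action is a registered privilege
 * AND a resource/privilege link row exists for this resource; otherwise null,
 * so the ACL check applies to the resource as a whole.
 *
 * @param object $resource   first row returned by Application_Model_ResourceMapper::findByResource()
 * @param string $actionName lower-cased action name from the request
 * @return string|null
 */
private function _resolvePrivilegeName($resource, $actionName)
{
    $privilegeMapper = new Application_Model_PrivilegeMapper();
    $privileges = $privilegeMapper->findByPrivilege($actionName);
    if (!$privileges) {
        return null;
    }
    $privilege = $privileges[0];

    // SECURITY NOTE(review): the WHERE clause is built by string concatenation.
    // Both ids come from mapper rows rather than the request, but if the
    // mapper's select() supports bound parameters it should use them so the
    // clause can never be shaped by a non-numeric id value.
    $resourcePrivilegeMapper = new Application_Model_ResourcePrivilegeMapper();
    $params = array(
        'where' => 'resource_id = ' . $resource->getId()
            . ' AND privilege_id = ' . $privilege->getId(),
    );
    $link = $resourcePrivilegeMapper->select($params);

    return $link ? $privilege->getPrivilege() : null;
}

/**
 * Persist a history entry for the current request.
 *
 * Reads history_url from application.ini and exposes it on $this->_store_url
 * for the rest of the request. Nothing is stored for anonymous users or for
 * the 'index', 'auth' and 'history' controllers. With history_url enabled the
 * full request URL is stored; otherwise the registered controller/action pair
 * is stored, and only when both are known to their mappers.
 *
 * @param string $controllerName lower-cased controller name from the request
 * @param string $actionName     lower-cased action name from the request
 * @return void
 */
private function _recordPageVisit($controllerName, $actionName)
{
    // Zend's class is spelled Zend_Config_Ini; the class-to-file autoloader is
    // case-sensitive on Linux, so the exact spelling matters whenever the
    // class has not already been loaded by the bootstrap.
    $config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/application.ini', APPLICATION_ENV);
    $this->_store_url = $config->history_url;

    $ignoredControllers = array('index', 'auth', 'history');
    if (!Zend_Auth::getInstance()->hasIdentity()
        || in_array($controllerName, $ignoredControllers, true)
    ) {
        return;
    }

    // NOTE(review): assumes the 'user' session namespace holds an array with
    // an 'id' key once an identity exists — confirm against the auth flow.
    $session = new Zend_Session_Namespace('user');
    $userId = $session->user['id'];
    $created = date('Y-m-d H:i:s');

    if ($this->_store_url) {
        // NOTE(review): HTTP_HOST is the client's Host header, so a stored URL
        // can carry a client-chosen host; prefer a configured base URL if these
        // entries are ever rendered back as links.
        $url = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
        $historyUrlMapper = new Application_Model_HistoryUrlMapper();
        $historyUrlMapper->save(new Application_Model_HistoryUrl(array(
            'url' => $url,
            'user_id' => $userId,
            'created' => $created,
        )));
        return;
    }

    $controllerMapper = new Application_Model_ControllerMapper();
    $actionMapper = new Application_Model_ActionMapper();
    $controllers = $controllerMapper->findByController($controllerName);
    $actions = $actionMapper->findByAction($actionName);
    if (!$controllers || !$actions) {
        return; // unregistered controller or action: nothing to record
    }

    $historyMapper = new Application_Model_HistoryMapper();
    $historyMapper->save(new Application_Model_History(array(
        'controller_id' => $controllers[0]->getId(),
        'action_id' => $actions[0]->getId(),
        'user_id' => $userId,
        'created' => $created,
    )));
}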