PHP Auth_Model_Rolesの例

コード例 #1

ファイル: Rules.php プロジェクト: vrtulka23/daiquiri

 /**
  * Creates a rule entry for the ACLs.
  * @param array $formParams
  * @return array $response
  */
 public function create(array $formParams = array())
 {
     // create the form object
     $form = new Auth_Form_Rules();
     // valiadate the form if POST
     if (!empty($formParams)) {
         if ($form->isValid($formParams)) {
             // get the form values
             $values = $form->getValues();
             // get additional models
             $roleModel = new Auth_Model_Roles();
             $appsModel = new Auth_Model_Apps();
             $resourceModel = new Auth_Model_Resources();
             // get proper ids
             $roleId = $roleModel->getResource()->fetchId(array('where' => array('role=?' => $values['role'])));
             if ($roleId === false) {
                 // check if it is an app
                 $roleId = $appsModel->getResource()->fetchId(array('where' => array('appname=?' => $values['role'])));
                 if ($roleId === false) {
                     return array('form' => $form, 'status' => 'error', 'error' => 'role "' . $values['role'] . '" not found in database');
                 } else {
                     $roleId = -$roleId;
                 }
             }
             if ($values['resource'] === '') {
                 $resourceId = null;
             } else {
                 $resourceId = $resourceModel->getResource()->fetchId(array('where' => array('resource=?' => $values['resource'])));
                 if ($resourceId === false) {
                     return array('form' => $form, 'status' => 'error', 'error' => 'resource "' . $values['resource'] . '" not found in database');
                 }
             }
             if ($values['permissions'] === '') {
                 $values['permissions'] = null;
             }
             // insert into database
             $this->getResource()->insertRow(array('role_id' => $roleId, 'resource_id' => $resourceId, 'permissions' => $values['permissions']));
             return array('status' => 'ok');
         } else {
             return $this->getModelHelper('CRUD')->validationErrorResponse($form);
         }
     }
     return array('form' => $form, 'status' => 'form');
 }

コード例 #2

ファイル: Auth.php プロジェクト: vrtulka23/daiquiri

 /**
  * @brief   constructor - initialises password cryptography and all required database tables
  * 
  * Sets up everything needed for the Zend Authentication mechanism and hooks up the
  * desired password crypto method with the password check. 
  */
 protected function __construct()
 {
     // get the acl class, this could be more general
     $this->_acl = new Daiquiri_Acl();
     // store roles in auth object
     $roleModel = new Auth_Model_Roles();
     $this->_roles = $roleModel->getResource()->fetchValues('role');
     // store status in auth object
     $statusModel = new Auth_Model_Status();
     $this->_status = $statusModel->getResource()->fetchValues('status');
     // get user detail keys
     $detailKeysModel = new Auth_Model_DetailKeys();
     $this->_detailKeys = $detailKeysModel->getResource()->fetchValues('key');
     // get treatment from default crypt object
     try {
         $crypt = Daiquiri_Crypt_Abstract::factory();
     } catch (Exception $e) {
         $crypt = null;
     }
     if ($crypt !== null) {
         $treatment = $crypt->getTreatment();
         // get treatment for users
         $userTreatment = $treatment;
         $activeId = $this->getStatusId('active');
         if (is_numeric($activeId)) {
             $userTreatment .= 'AND status_id=' . $activeId;
         }
         // get treatement for apps
         $appTreatment = $treatment . ' AND active=1';
         // set properties of the user adapter
         $this->_userAdapter = new Zend_Auth_Adapter_DbTable();
         $this->_userAdapter->setTableName('Auth_User');
         $this->_userAdapter->setIdentityColumn('username');
         $this->_userAdapter->setCredentialColumn('password');
         $this->_userAdapter->setCredentialTreatment($userTreatment);
         // set properties of the app adapter
         $this->_appAdapter = new Zend_Auth_Adapter_DbTable();
         $this->_appAdapter->setTableName('Auth_Apps');
         $this->_appAdapter->setIdentityColumn('appname');
         $this->_appAdapter->setCredentialColumn('password');
         $this->_appAdapter->setCredentialTreatment($appTreatment);
     }
 }

コード例 #3

ファイル: Init.php プロジェクト: adrpar/daiquiri

 /**
  * Initializes the database with the init data for the meetings module.
  */
 public function init()
 {
     // create status entries
     $authStatusModel = new Auth_Model_Status();
     if ($authStatusModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['status'] as $status) {
             $a = array('status' => $status);
             $r = $authStatusModel->create($a);
             $this->_check($r, $a);
         }
     }
     // create roles entries
     $authRoleModel = new Auth_Model_Roles();
     if ($authRoleModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['roles'] as $role) {
             $a = array('role' => $role);
             $r = $authRoleModel->create($a);
             $this->_check($r, $a);
         }
     }
     // create detail keys entries
     $authDetailKeysModel = new Auth_Model_DetailKeys();
     if ($authDetailKeysModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['detailKeys'] as &$a) {
             if (!isset($a['type'])) {
                 $a['type_id'] = 0;
             } else {
                 $a['type_id'] = array_search($a['type'], Auth_Model_DetailKeys::$types);
                 unset($a['type']);
             }
             $r = $authDetailKeysModel->create($a);
             $this->_check($r, $a);
         }
     }
     // create users
     $authUserModel = new Auth_Model_User();
     if ($authUserModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['user'] as $credentials) {
             // get the corresponding role_id and status_id
             $credentials['role_id'] = Daiquiri_Auth::getInstance()->getRoleId($credentials['role']);
             unset($credentials['role']);
             $credentials['status_id'] = Daiquiri_Auth::getInstance()->getStatusId($credentials['status']);
             unset($credentials['status']);
             // pre-process password first
             $credentials['new_password'] = $credentials['password'];
             $credentials['confirm_password'] = $credentials['password'];
             unset($credentials['password']);
             // process detail keys
             foreach ($this->_init->options['init']['auth']['detailKeys'] as $detailKey) {
                 if (in_array(Auth_Model_DetailKeys::$types[$detailKey['type_id']], array('radio', 'select'))) {
                     $options = Zend_Json::decode($detailKey['options']);
                     $option_id = array_search($credentials[$detailKey['key']], $options);
                     $credentials[$detailKey['key']] = $option_id;
                 } else {
                     if (in_array(Auth_Model_DetailKeys::$types[$detailKey['type_id']], array('checkbox', 'multiselect'))) {
                         $options = Zend_Json::decode($detailKey['options']);
                         $values = array();
                         foreach ($credentials[$detailKey['key']] as $value) {
                             $values[] = array_search($value, $options);
                         }
                         $credentials[$detailKey['key']] = $values;
                     }
                 }
             }
             // fake request parametes to make
             Zend_Controller_Front::getInstance()->getRequest()->setParams($credentials);
             // create user
             $r = $authUserModel->create($credentials);
             // clean up request
             Zend_Controller_Front::getInstance()->getRequest()->setParams(array());
             $this->_check($r, $credentials);
         }
     }
     // create apps
     $authAppsModel = new Auth_Model_Apps();
     if ($authAppsModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['apps'] as $credentials) {
             // pre-process password first
             $credentials['new_password'] = $credentials['password'];
             $credentials['confirm_password'] = $credentials['password'];
             unset($credentials['password']);
             // fake request parametes to make
             Zend_Controller_Front::getInstance()->getRequest()->setParams($credentials);
             // create user
             $r = $authAppsModel->create($credentials);
             // clean up request
             Zend_Controller_Front::getInstance()->getRequest()->setParams(array());
             $this->_check($r, $credentials);
         }
     }
     // create acl ressources
     $authResourcesModel = new Auth_Model_Resources();
     if ($authResourcesModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['resources'] as $resource) {
             $a = array('resource' => $resource);
             $r = $authResourcesModel->create($a);
             $this->_check($r, $a);
         }
     }
     // create acl rules, needs to be after create apps
     $authRulesModel = new Auth_Model_Rules();
     if ($authRulesModel->getResource()->countRows() === 0) {
         foreach ($this->_init->options['init']['auth']['rules'] as $role => $rule) {
             foreach ($rule as $resource => $permissions) {
                 $a = array('role' => $role, 'resource' => $resource, 'permissions' => implode(',', $permissions));
                 $r = $authRulesModel->create($a);
                 $this->_check($r, $a);
             }
         }
     }
 }

コード例 #4

ファイル: Acl.php プロジェクト: vrtulka23/daiquiri

 /**
  * @brief   constructor - constructs an Zend_Acl object from information stored in the database
  * 
  * Sets all Roles, Apps, Resources, and Rules from the database as stored in the Auth module. 
  * It always sets up the complete role/rule/ressource stack, so that all ACL information is
  * globally available.
  */
 public function __construct()
 {
     // get the roles
     $roleModel = new Auth_Model_Roles();
     $roles = $roleModel->getResource()->fetchValues('role');
     // get the apps
     $appsModel = new Auth_Model_Apps();
     $apps = $appsModel->getResource()->fetchValues('appname');
     // define roles for acl using roles and apps
     if (!empty($roles)) {
         $this->addRole(new Zend_Acl_Role($roles[1]));
         for ($i = 2; $i <= sizeof($roles); $i++) {
             $this->addRole(new Zend_Acl_Role($roles[$i]), $roles[$i - 1]);
         }
     }
     foreach ($apps as $app) {
         $this->addRole(new Zend_Acl_Role($app));
     }
     // get the resources
     $resourcesModel = new Auth_Model_Resources();
     $this->_defined_resources = $resourcesModel->getResource()->fetchValues('resource');
     // define resources
     foreach ($this->_defined_resources as $resource) {
         $this->add(new Zend_Acl_Resource($resource));
     }
     // get the rules
     $rulesModel = new Auth_Model_Rules();
     $rules = $rulesModel->getResource()->fetchRows();
     // define permissions
     foreach ($rules as $rule) {
         if ($rule['role_id']) {
             if ($rule['role_id'] > 0) {
                 $role = $roles[$rule['role_id']];
             } else {
                 $role = $apps[-$rule['role_id']];
             }
         } else {
             // null role, i.e. all users
             $role = null;
         }
         if ($rule['resource_id']) {
             $resource = $this->_defined_resources[$rule['resource_id']];
         } else {
             // all resources
             $resource = null;
         }
         if ($rule['permissions']) {
             $permissions = array();
             foreach (explode(',', $rule['permissions']) as $permission) {
                 $array = explode('?', $permission);
                 if (count($array) == 1) {
                     $permissions[] = $permission;
                 } else {
                     if (count($array) <= 2) {
                         $permissions[] = $array[0];
                         foreach (explode('&', $array[1]) as $argument) {
                             $permissions[] = $array[0] . '?' . $argument;
                         }
                     } else {
                         throw new Exception('Unable to parse permission string in ' . __METHOD__);
                     }
                 }
             }
         } else {
             // all permissions on their resource
             $permissions = null;
         }
         $this->allow($role, $resource, $permissions);
     }
 }