/**
* Load roles
*
* @param Mage_Admin_Model_Acl $acl
* @param array $rolesArr
* @return Mage_Admin_Model_Resource_Acl
*/
public function loadRoles(Mage_Admin_Model_Acl $acl, array $rolesArr)
{
foreach ($rolesArr as $role) {
$parent = $role['parent_id'] > 0 ? Mage_Admin_Model_Acl::ROLE_TYPE_GROUP . $role['parent_id'] : null;
switch ($role['role_type']) {
case Mage_Admin_Model_Acl::ROLE_TYPE_GROUP:
$roleId = $role['role_type'] . $role['role_id'];
$acl->addRole(Mage::getModel('admin/acl_role_group', $roleId), $parent);
break;
case Mage_Admin_Model_Acl::ROLE_TYPE_USER:
$roleId = $role['role_type'] . $role['user_id'];
if (!$acl->hasRole($roleId)) {
$acl->addRole(Mage::getModel('admin/acl_role_user', $roleId), $parent);
} else {
$acl->addRoleParent($roleId, $parent);
}
break;
}
}
return $this;
}
/**
* Loads role rules into ACL for admin user
*
* @param Mage_Admin_Model_User $user
* @param Mage_Admin_Model_Acl $acl
* @param array $allowedResources
*
* @return $this
*/
public function loadRules(Mage_Admin_Model_User $user, Mage_Admin_Model_Acl $acl, array $allowedResources = array())
{
$userRole = Mage::getModel('admin/acl_role_user', Mage_Admin_Model_Acl::ROLE_TYPE_USER . $user->getId());
$acl->addRole($userRole);
if (empty($allowedResources)) {
$acl->allow($userRole);
$acl->allow($userRole, $acl->getResources());
return $this;
}
$aclResources = $acl->getResources();
$allow = array();
foreach ($allowedResources as $resource) {
$childResources = array_filter($aclResources, function ($entry) use($resource) {
return strpos($entry, 'admin/' . $resource) === 0;
});
$allow = array_merge($allow, $childResources);
}
$deny = array();
foreach ($aclResources as $resource) {
if (!in_array($resource, $allow)) {
$deny[] = $resource;
}
}
$acl->allow($userRole, $allow);
$acl->deny($userRole, $deny);
return $this;
}
