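/**
 * Checks that the current user holds the role assigned to the requested controller action.
 *
 * Builds a RolesParser for this controller's source file, backed by a cache
 * file under the "cache.roles" directory. When the parser reports expired
 * roles, their names are passed to Role::addNewRolesNames(). The role for the
 * current action name is then looked up; if one is defined and the user does
 * not have it, an exception is thrown.
 *
 * @return false|null false when the roles cache directory is missing and
 *                    cannot be created; otherwise nothing is returned.
 *
 * @throws UnauthorizedException when the user lacks the role and is anonymous
 * @throws ForbiddenException    when the user lacks the role and is not anonymous
 */
protected function checkAccess()
{
    // If backend controller is being used then we should
    // check for user permissions to use role assigned to current controller and action
    $rolesCacheDir = ClassLoader::getRealPath('cache.roles');

    // Re-check is_dir() after a failed mkdir(): a concurrent request may have
    // created the directory between the first check and the mkdir() call, and
    // that must not abort the permission check below.
    //
    // NOTE(review): mode 0777 leaves the directory world-writable unless the
    // process umask narrows it. The cache files written here carry a .php
    // extension and are presumably loaded as PHP by RolesParser (confirm);
    // consider a mode that only the web server account can write to.
    if (!is_dir($rolesCacheDir) && !@mkdir($rolesCacheDir, 0777, true) && !is_dir($rolesCacheDir)) {
        // NOTE(review): returning false here skips the role check entirely.
        // If callers do not test the return value this path fails open;
        // verify against the caller and prefer failing closed.
        return false;
    }

    $reflection = new ReflectionClass($this);
    $controllerPath = $reflection->getFileName();

    // md5() only derives a stable cache file name from the controller path;
    // it is not used as a security control.
    $cachePath = $rolesCacheDir . DIRECTORY_SEPARATOR . md5($controllerPath) . '.php';

    ClassLoader::import("framework.roles.RolesDirectoryParser");
    ClassLoader::import("framework.roles.RolesParser");
    $this->roles = new RolesParser($controllerPath, $cachePath);

    // Register role names with the Role model when the parser reports expiry.
    if ($this->roles->wereExpired()) {
        ClassLoader::import('application.model.role.Role');
        Role::addNewRolesNames($this->roles->getRolesNames());
    }

    $role = $this->roles->getRole($this->request->getActionName());

    // An action without a role (falsy lookup result) is not restricted here.
    if (!$role || $this->user->hasAccess($role)) {
        return;
    }

    // Anonymous users get "unauthorized"; any other user gets "forbidden".
    if ($this->user->isAnonymous()) {
        throw new UnauthorizedException($this);
    }

    throw new ForbiddenException($this);
}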
/**
 * The DumpController fixture must map the action "test" to the role "test.subtest".
 */
public function testGetRoleByAction()
{
    // Resolve the fixture controller first, then its cache file, both as .php paths.
    $controllerFile = ClassLoader::getRealPath('test.framework.roles.controllers.DumpController') . '.php';
    $cacheFile = ClassLoader::getRealPath('test.framework.roles.cache.DumpControllerRoles') . '.php';

    $parser = new RolesParser($controllerFile, $cacheFile);
    $actualRole = $parser->getRole('test');

    $this->assertEqual($actualRole, 'test.subtest');
}