public function __construct(Zend_Auth $auth) { // we need to do this recursively because of role inheritance $this->addRoles(); $resources = new RolesResources(); $rsResources = $resources->fetchAll(); foreach ($rsResources as $resource) { $resource_mca = $resource->module . "-" . $resource->controller . "-" . $resource->action; if (!$this->has($resource_mca)) $this->add(new Zend_Acl_Resource($resource_mca)); $this->allow($resource->role_id, $resource_mca); } $roles_res_extra_table = new RolesResourcesExtra(); $res_extras = $roles_res_extra_table->fetchAll(); if (count($res_extras) > 0) { foreach ($res_extras as $res_extra) { $extra_resource_mca = $res_extra->module . "-@@EXTRA-" . $res_extra->resource; if (!$this->has($extra_resource_mca)) $this->add(new Zend_Acl_Resource($extra_resource_mca)); $this->allow($res_extra->role_id, $extra_resource_mca); } } }
protected function isExtraResourceInherited($module, $resource, $role_id) { $inheritsResource = false; $roles_table = new Roles(); $roles_roles_table = new RolesRoles(); $roles_res_extra_table = new RolesResourcesExtra(); $inherited_ids = $roles_table->getAllAncestors($role_id); if (count($inherited_ids) > 0) { foreach ($inherited_ids as $inherited_id) { // determine if parent has access to this resource $select = $roles_res_extra_table->select(); $select->where("role_id = ?", $inherited_id); $select->where("module = ?", $module); $select->where("resource = ?", $resource); $roles_resource = $roles_res_extra_table->fetchRow($select); if (!is_null($roles_resource)) { //parent has it, role is inherited $inheritsResource = true; } } } return $inheritsResource; }