/**
* Notifies whether the logged-in user has permission for a given resource/
* privilege combination.
*
* If an ACL resource being checked has not been defined, access to that
* resource should not be controlled. This allows plugin writers to
* implement controllers without also requiring them to be aware of the ACL.
*
* Conversely, in the event that an ACL resource has been defined, all access
* permissions for that controller must be properly defined.
*
* The names of resources should correspond to the name of the controller
* class minus 'Controller', e.g.
* Geolocation_IndexController -> 'Geolocation_Index'
* CollectionsController -> 'Collections'
*
* @param string $privilege
* @param Zend_Acl_Resource|string|null (Optional) Resource to check.
* @see getResourceName()
* @return boolean
*/
public function isAllowed($privilege, $resource = null)
{
$allowed = $this->_allowed;
if (isset($allowed[$privilege])) {
return $allowed[$privilege];
}
if ($resource instanceof Zend_Acl_Resource_Interface) {
$resourceObj = $resource;
$resourceName = $resourceObj->getResourceId();
} else {
if (is_string($resource)) {
$resourceName = $resource;
} else {
if (!$resource) {
$resourceName = $this->getResourceName();
}
}
}
// Plugin writers do not need to define an ACL in order for their
// controllers to work.
if (!$this->_acl->has($resourceName)) {
return true;
}
if (!isset($resourceObj)) {
$resourceObj = $this->_acl->get($resourceName);
}
return $this->_acl->isAllowed($this->_currentUser, $resourceObj, $privilege);
}
/**
* Ensures that basic addition and retrieval of a single Resource works
*
* @return void
*/
public function testResourceAddAndGetOne()
{
$resourceArea = new Zend_Acl_Resource('area');
$resource = $this->_acl->add($resourceArea)->get($resourceArea->getResourceId());
$this->assertTrue($resourceArea === $resource);
$resource = $this->_acl->get($resourceArea);
$this->assertTrue($resourceArea === $resource);
}
protected function _registerResource($resourceName)
{
$parentRole = null;
$currentResourceName = '';
foreach (explode('.', $resourceName) as $resourceNamePart) {
$currentResourceName = trim($currentResourceName . '.' . $resourceNamePart, '.');
if (!$this->_acl->has($currentResourceName)) {
$this->_acl->addResource($currentResourceName, $parentRole);
}
$parentRole = $this->_acl->get($currentResourceName);
}
}
/** @brief Renvoie la resource
*
* Crée la ressource si elle n'existe pas
* La surcharge de cette méthode de Zend_Acl permet de créer automatiquement
* la ressource si elle n'existe pas quand on fait des allow ou des deny
* par exemple.
*
* @author amboise.lafont
*/
public function get($resource)
{
if (!$this->has($resource)) {
$this->addResource($resource);
}
return parent::get($resource);
}