/**
* Return true if current user is allowed to access the given MVC request
*
* @param AbstractRequest $request
* @return bool
*/
private function _isUserAllowed(AbstractRequest $request)
{
$module = $request->getModuleName();
$controller = $request->getControllerName();
$action = $request->getActionName();
if ('error' === $controller) {
return true;
}
$resource = 'mvc:' . $module . ':' . $controller . ':' . $action;
#Logger::debug(__METHOD__.':: Testing resource: '.$resource);
#if($this->_acl->has($resource)) Logger::debug(__METHOD__.':: ACL has resource');
if ($this->_acl->has($resource) && $this->_acl->isUserAllowed($resource, 'view')) {
return true;
}
$resource = 'mvc:' . $module . ':' . $controller;
#Logger::debug(__METHOD__.':: Testing resource: '.$resource);
#if($this->_acl->has($resource)) Logger::debug(__METHOD__.':: ACL has resource');
#if($this->_acl->has($resource) && $this->_acl->isUserAllowed($resource, 'view')) return true;
if ($this->_acl->has($resource)) {
return $this->_acl->isUserAllowed($resource, 'view');
} else {
// Does user have global access?
return $this->_acl->isUserAllowed('mvc:' . $module . ':all', 'view');
}
return false;
}
