public function revokeRule(AccessRule $rule) { if ($rule->isGrant()) { $accessService = funcAcl_models_classes_AccessService::singleton(); $elements = $this->evalFilterMask($rule->getMask()); switch (count($elements)) { case 1: $extension = reset($elements); $accessService->revokeExtensionAccess($rule->getRole(), $extension); break; case 2: list($extension, $shortName) = $elements; $accessService->revokeModuleAccess($rule->getRole(), $extension, $shortName); break; case 3: list($extension, $shortName, $action) = $elements; $accessService->revokeActionAccess($rule->getRole(), $extension, $shortName, $action); break; default: // fail silently warning should already be send } } else { common_Logger::w('Only grant rules accepted in ' . __CLASS__); } }
public function revokeRule(AccessRule $rule) { if ($rule->isGrant()) { $accessService = funcAcl_models_classes_AccessService::singleton(); $filter = $rule->getMask(); if (isset($filter['act']) && isset($filter['mod']) && isset($filter['ext'])) { $accessService->revokeActionAccess($rule->getRole(), $filter['ext'], $filter['mod'], $filter['act']); } elseif (isset($filter['mod']) && isset($filter['ext'])) { $accessService->revokeModuleAccess($rule->getRole(), $filter['ext'], $filter['mod']); } elseif (isset($filter['ext'])) { $accessService->revokeExtensionAccess($rule->getRole(), $filter['ext']); } elseif (isset($filter['controller'])) { $extension = funcAcl_helpers_Map::getExtensionFromController($filter['controller']); $shortName = strpos($filter['controller'], '\\') !== false ? substr($filter['controller'], strrpos($filter['controller'], '\\') + 1) : substr($filter['controller'], strrpos($filter['controller'], '_') + 1); $accessService->revokeModuleAccess($rule->getRole(), $extension, $shortName); } elseif (isset($filter['act']) && strpos($filter['act'], '@') !== false) { list($controller, $action) = explode('@', $mask['act'], 2); $extension = funcAcl_helpers_Map::getExtensionFromController($controller); $shortName = strpos($controller, '\\') !== false ? substr($controller, strrpos($controller, '\\') + 1) : substr($controller, strrpos($controller, '_') + 1); $accessService->revokeActionAccess($rule->getRole(), $extension, $shortName, $action); } else { common_Logger::w('Uninterpretable filter in ' . __CLASS__); } } else { common_Logger::w('Only grant rules accepted in ' . __CLASS__); } }