/**
* Populate ACL with roles from external storage.
*
* @param Magento_Acl $acl
*/
public function populateAcl(Magento_Acl $acl)
{
$roleList = $this->_roleResource->getRolesIds();
foreach ($roleList as $roleId) {
/** @var $aclRole Mage_Webapi_Model_Authorization_Role */
$aclRole = $this->_roleFactory->createRole(array($roleId));
$acl->addRole($aclRole);
//Deny all privileges to Role. Some of them could be allowed later by whitelist
$acl->deny($aclRole);
}
}
/**
* Populate ACL with roles from external storage
*
* @param Magento_Acl $acl
*/
public function populateAcl(Magento_Acl $acl)
{
$roleTableName = $this->_resource->getTableName('admin_role');
$adapter = $this->_resource->getConnection('read');
$select = $adapter->select()->from($roleTableName)->order('tree_level');
foreach ($adapter->fetchAll($select) as $role) {
$parent = $role['parent_id'] > 0 ? Mage_User_Model_Acl_Role_Group::ROLE_TYPE . $role['parent_id'] : null;
switch ($role['role_type']) {
case Mage_User_Model_Acl_Role_Group::ROLE_TYPE:
$roleId = $role['role_type'] . $role['role_id'];
$acl->addRole($this->_objectFactory->getModelInstance('Mage_User_Model_Acl_Role_Group', array('roleId' => $roleId)), $parent);
break;
case Mage_User_Model_Acl_Role_User::ROLE_TYPE:
$roleId = $role['role_type'] . $role['user_id'];
if (!$acl->hasRole($roleId)) {
$acl->addRole($this->_objectFactory->getModelInstance('Mage_User_Model_Acl_Role_User', array('roleId' => $roleId)), $parent);
} else {
$acl->addRoleParent($roleId, $parent);
}
break;
}
}
}
