/**
 * Test fixture helper: signs in the mock user and gives it every global right.
 *
 * Authenticates 'sample1' through Zend_Auth, grants the role with ID 4 the
 * 'view', 'edit', 'approve' and 'administer' rights with no object scope,
 * saves the role, and attaches it to the user with dbUserID 1.
 */
private function auth()
{
    // Mock authentication with fixture credentials.
    $adapter = new QFrame_Auth_Adapter('sample1', 'password');
    Zend_Auth::getInstance()->authenticate($adapter);

    // The original comment treats role 4 as the admin role and these four
    // rights as "all possible global rights"; confirm against the fixtures.
    $adminRole = RoleModel::find(4);
    foreach (array('view', 'edit', 'approve', 'administer') as $right) {
        $adminRole->grant($right);
    }
    $adminRole->save();

    // dbUserID 1 is the sample1 user according to the original comment.
    $sampleUser = new DbUserModel(array('dbUserID' => 1));
    $sampleUser->addRole($adminRole);
}
/**
 * A user has no access to a page until one of its roles is granted a right on it.
 */
public function testAnyAccess()
{
    $subject = new DbUserModel(array('dbUserID' => 1));
    $target = new PageModel(array('pageID' => 1, 'depth' => 'page'));

    // Deny by default: no role attached yet, so no access is expected.
    $this->assertFalse($subject->hasAnyAccess($target));

    // Grant 'view' on this one page to a role, persist it, then attach it.
    $viewer = RoleModel::find('first');
    $viewer->grant('view', $target);
    $viewer->save();
    $subject->addRole($viewer);

    $this->assertTrue($subject->hasAnyAccess($target));
}
/**
 * Looking up a role after it has been deleted must throw.
 */
public function testDelete()
{
    $doomed = RoleModel::find(1);
    $doomed->delete();

    $lookupThrew = false;
    try {
        // The return value is irrelevant; only the exception matters.
        RoleModel::find(1);
    } catch (Exception $e) {
        $lookupThrew = true;
    }

    // fail() is called outside the try so the catch above cannot swallow it.
    if (!$lookupThrew) {
        $this->fail('Fetching a deleted object should throw an exception.');
    }
}
/**
 * Decide whether this user holds a permission, either globally or on one
 * permissible object.
 *
 * The check succeeds as soon as any of the user's roles holds the permission
 * globally, or (when $permissible is given) holds it on that object.
 *
 * @param string             $permission  permission to check
 * @param QFrame_Permissible $permissible (optional) permissible object to check
 * @return boolean
 */
public function hasAccess($permission, QFrame_Permissible $permissible = null)
{
    // Auto-admin users short-circuit every role lookup: the flag alone is
    // sufficient, so whatever sets $this->admin is security-critical.
    if ($this->admin) {
        return true;
    }

    // Roles are loaded lazily on first use.
    if ($this->roles === null) {
        $this->loadRoles();
    }

    foreach ($this->roles as $roleRow) {
        $roleModel = RoleModel::find($roleRow['roleID']);

        // Global grant is tested first; the object-scoped check only runs
        // when a permissible object was actually supplied.
        $allowed = $roleModel->hasAccess($permission)
            || ($permissible !== null && $roleModel->hasAccess($permission, $permissible));
        if ($allowed) {
            return true;
        }
    }

    // No role granted the permission: deny.
    return false;
}
/**
 * Remove role action. Detaches the requested role from the requested user
 * and redirects back to that user's role list.
 *
 * The user is selected by the 'id' request parameter and the role by the
 * 'role' request parameter.
 *
 * NOTE(review): no authorization or request-forgery check is visible inside
 * this action, and it changes role membership from request parameters alone.
 * Confirm the controller enforces the appropriate right elsewhere before this
 * runs and that the route is not reachable as a plain link.
 */
public function removeRoleAction()
{
    $userId = $this->_getParam('id');
    $targetUser = new DbUserModel(array('dbUserID' => $userId));

    $roleId = $this->_getParam('role');
    $targetRole = RoleModel::find($roleId);

    $targetUser->removeRole($targetRole);

    $route = array('action' => 'roles', 'id' => $targetUser->dbUserID);
    $this->_redirector->gotoRoute($route);
}
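/**
 * Processes an update to permissions.
 *
 * Reads the 'global' and 'page' request parameters and applies them to the
 * role named by the 'id' parameter: each truthy value grants the permission,
 * each falsy value denies it. 'global' maps permission => value; 'page' maps
 * page id => (permission => value). The role is saved once at the end, then a
 * notice is flashed and the request is redirected to the index action.
 *
 * NOTE(review): permission names and page ids are taken from request keys and
 * passed to grant()/deny()/getPage() as received. Confirm those methods
 * reject unknown names and ids, and that the calling action enforces the
 * right to administer roles and a request-forgery check before calling this.
 */
private function updatePermissions()
{
    $globals = $this->_getParam('global');
    $pages = $this->_getParam('page');
    $role = RoleModel::find($this->_getParam('id'));

    // Both maps are request-controlled. A missing parameter (presumably null
    // from _getParam) or a scalar sent in place of an array is treated as
    // "no changes" so foreach never runs over a non-array value.
    if (!is_array($globals)) {
        $globals = array();
    }
    if (!is_array($pages)) {
        $pages = array();
    }

    foreach ($globals as $permission => $value) {
        if ($value) {
            $role->grant($permission);
        } else {
            $role->deny($permission);
        }
    }

    foreach ($pages as $id => $permissions) {
        // Skip malformed entries before looking the page up.
        if (!is_array($permissions)) {
            continue;
        }

        $page = $this->_instance->getPage($id);
        foreach ($permissions as $permission => $value) {
            if ($value) {
                $role->grant($permission, $page);
            } else {
                $role->deny($permission, $page);
            }
        }
    }

    $role->save();
    $this->flash('notice', 'Permissions updated successfully');
    $this->_redirector->gotoRouteAndExit(array('action' => 'index', 'id' => null));
}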