/**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     // Get the organization
     $orgService = \Application\Service\OrgService::getInstance();
     $org = $orgService->load($role->getOrganizationId());
     if ($org->getType() != OrgCustomerModel::ORG_TYPE) {
         $org = $orgService->getParentByType($org, OrgCustomerModel::ORG_TYPE);
     }
     if ($org && !is_null($org->getSupplementaryServicesId())) {
         // Check if the customer has supplementary services configured
         // with application originated SMS option activated
         $supplSrv = \Application\Service\SupplServicesService::getInstance();
         $services = $supplSrv->load($org->getSupplementaryServicesId());
         if ($services && $services->getApplicationOriginatedSms() == SupplServicesModel::ST_ACTIVATED) {
             return true;
         }
     }
     throw new Exception('Role must have applicationOriginatedSms activated');
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     if (!$resource instanceof SimModel) {
         throw new Exception('Resource must be an instance of SimModel');
     }
     // Get the organization
     $orgService = \Application\Service\OrgService::getInstance();
     if ($orgService->getTypeById($role->getOrganizationId()) == OrgServiceProviderModel::ORG_TYPE) {
         $org = $orgService->load($resource->customerId);
     } else {
         $org = $orgService->load($role->getOrganizationId());
     }
     if ($org->getType() != OrgCustomerModel::ORG_TYPE) {
         $org = $orgService->getParentByType($org, OrgCustomerModel::ORG_TYPE);
     }
     if ($org && !is_null($org->getSupplementaryServicesId())) {
         // Check if the customer has supplementary services configured
         // with application originated SMS option activated
         $supplSrv = \Application\Service\SupplServicesService::getInstance();
         try {
             if ($orgService->getTypeById($role->getOrganizationId()) == OrgAggregatorModel::ORG_TYPE) {
                 $services = $supplSrv->load($org->getSupplementaryServicesId(), $org);
             } else {
                 $services = $supplSrv->load($org->getSupplementaryServicesId());
             }
         } catch (\Exception $e) {
             \App::log()->warn($e);
             return False;
         }
         if ($services && $services->advancedSupervision == SupplServicesModel::ST_ACTIVATED) {
             return true;
         }
     }
     return false;
 }
예제 #3
0
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     if (!$resource instanceof App_ListFilter) {
         throw new Exception('Resource must be an instance of App_ListFilter');
     }
     $filter = $resource->getOneFilterByFieldName(SimFilterFields::SERVICE_PROVIDER_COMM);
     if (!$filter) {
         return false;
     }
     return $filter->getValue() == $role->getOrganizationId();
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     if (!$resource instanceof SimModel) {
         throw new Exception('Resource must be an instance of SimModel');
     }
     return $orgId === $resource->getServiceProviderCommercialId();
 }
 /**
  * Returns true if and only if the assertion conditions are met
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  null                        $privilege
  * @return bool
  * @throws Exception
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     switch (true) {
         case $resource instanceof OrgModelAbstract:
             return $orgId === $resource->getParentId();
         case $resource instanceof Model\PreBillModel:
             return true;
             //TODO: we need serviceProviderId from ericsson
             return $orgId === $resource->getServiceProvider()->getId();
         case $resource instanceof UserModel:
             try {
                 $org = $resource->getOrganization();
                 if (NULL !== $org) {
                     return $orgId === $org->getParentId();
                 }
                 App::log()->err("User (" . $resource->getId() . ") organization (" . $resource->getOrganizationId() . ") doesn't exist");
                 return false;
             } catch (Exception $e) {
                 return false;
             }
         case $resource instanceof Model\CommercialGroupModel:
             // customerId is one of service provider customers?
             // TODO aggregatorId case?
             $org = OrgService::getInstance()->load($resource->getCustomerId());
             return $org && $orgId === $org->getParentId();
         case $resource instanceof Model\ReportModel:
             $params = $resource->getParams();
             if (isset($params['orgId']) && !empty($params['orgId'])) {
                 $org = OrgService::getInstance()->load($params['orgId']);
                 return $org && $orgId === $org->getParentId();
             } else {
                 return true;
             }
     }
     throw new Exception('Resource must be an instance of OrgModelAbstract or UserModel');
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof Model\UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     switch (true) {
         case $resource instanceof OrgModelAbstract:
             $parent = OrgService::getInstance()->load($resource->getParentId());
             if ($parent) {
                 return $orgId === $parent->getParentId();
             }
             return false;
     }
     throw new Exception('Resource must be an instance of OrgModelAbstract');
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     $org = Service\OrgService::getInstance()->load($orgId);
     if (!$org) {
         return false;
     }
     switch (true) {
         case $resource instanceof Model\ServicePackModel:
             return $org->getParentId() === $resource->getServiceProvider();
     }
     throw new Exception('Resource must be an instance of ServicePack');
 }
 /**
  * Returns true if and only if the assertion conditions are met
  *
  * This method is passed the ACL, Role, Resource, and privilege to which
  * the authorization query applies. If the $role, $resource, or $privilege
  * parameters are null, it means that the query applies to all Roles,
  * Resources, or privileges, respectively.
  *
  * @param  Zend_Acl                    $acl
  * @param  Zend_Acl_Role_Interface     $role
  * @param  Zend_Acl_Resource_Interface $resource
  * @param  string                      $privilege
  * @return boolean
  */
 public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
 {
     // We need specific objects to check against each other
     if (NULL === $role || NULL === $resource) {
         return false;
     }
     // Ensure we're handled User models
     if (!$role instanceof UserModel) {
         throw new Exception('Role must be an instance of UserModel');
     }
     $orgId = $role->getOrganizationId();
     switch (true) {
         case $resource instanceof OrgModelAbstract:
             return $orgId === $resource->getId();
         case $resource instanceof UserModel:
         case $resource instanceof TemplateModel:
             return $orgId === $resource->getOrganizationId();
         case $resource instanceof Async\Model\AsyncResponse:
             $cOrgId = \Application\Model\Mapper\OrganizationMapper::cleanOrgId($orgId);
             return $orgId === $resource->getOrganizationId() || $cOrgId === $resource->getOrganizationId();
         case $resource instanceof Model\TariffPlanLifeCycleModel:
         case $resource instanceof Model\TariffPlanServicesModel:
         case $resource instanceof Model\RestrictionModel:
         case $resource instanceof Model\ServicePackModel:
             $orgType = Model\Mapper\OrganizationMapper::getTypeByOrgId($orgId);
             switch ($orgType) {
                 case Model\Organization\OrgServiceProviderModel::ORG_TYPE:
                     return $orgId === $resource->getServiceProviderId();
                 case Model\Organization\OrgCustomerModel::ORG_TYPE:
                     //                         $spList = Service\ServicePackService::getInstance()->listAll();
                     //                         foreach ($spList->getItems() as $sp) {
                     //                             if ($sp->getId() === $resource->getId()) {
                     //                                 return true;
                     //                             }
                     //                         }
                     /*
                      * There is no way to know if only one ServicePack is assigned to a customer,
                      * only retrieving all servicePacks assigned. It is too much slow. In Ericsson we trust.
                      */
                     return true;
                 default:
                     return false;
             }
         case $resource instanceof Model\SupplServicesModel:
             return $orgId === $resource->getServiceProviderId() || $orgId === $resource->getCustomerId();
         case $resource instanceof Model\CommercialGroupModel:
         case $resource instanceof Model\SupervisionGroupModel:
             return $orgId === $resource->getCustomerId();
         case $resource instanceof SimModel:
             /** @var $resource \Application\Model\SimModel */
             return $orgId === $resource->getMasterId() || $orgId === $resource->getServiceProviderCommercialId() || $orgId === $resource->getServiceProviderEnablerId() || $orgId === $resource->getAggregatorId() || $orgId === $resource->getCustomerId() || $orgId === $resource->getEndUserId();
         case $resource instanceof Model\ReportModel:
             $params = $resource->getParams();
             if (isset($params['orgId']) && !empty($params['orgId'])) {
                 return $orgId === $params['orgId'];
             } else {
                 return true;
             }
     }
     throw new Exception('Resource must be an instance of OrgModelAbstract, UserModel or SimModel');
 }