/** * Definice rolí. */ private function defineRoles() { $groups = $this->permissionRepository->selectAllGroups(); $this->acl->addRole("Guest"); foreach ($groups as $group) { $this->acl->addRole($group->getName(), $group->getExtendsGroup()->getName()); } }
public static function createAuthorizator() { $perm = new Permission; $perm->addRole("guest"); $perm->addRole("user", "guest"); $perm->addRole("admin", "user"); $perm->deny(); $perm->allow("admin"); return $perm; }
public function __construct() { $this->acl = new NS\Permission(); $this->acl->addRole('guest'); $this->acl->addRole('user', 'registered'); $this->acl->addRole('admin', 'user'); $this->acl->addResource('backend'); $this->acl->addResource('users'); $this->acl->allow('user', array('backend'), array('view')); $this->acl->allow('admin'); }
public static function createAuthorizator() { $perm = new Permission(); $perm->addRole("guest"); $perm->addRole("user", "guest"); $perm->addRole("admin", "user"); $perm->addResource('clip'); $perm->addResource('comment'); $perm->deny(); $perm->allow("admin"); $perm->allow("user", "comment", "add"); return $perm; }
private function setRoles(Permission $p) { try { $roles = $this->rolesService->getRoles(); foreach ($roles as $r) { if ($r->getParents()->isEmpty()) { $p->addRole($r->getName(), []); } else { $p->addRole($r->getName(), $r->extractParentNames()); } } } catch (Exceptions\DataErrorException $e) { $this->logError($e->getMessage()); } }
public function startup() { parent::startup(); if ($this->getName() != 'Admin:Sign' && !$this->user->isLoggedIn()) { $this->redirect('Sign:default'); } //nastavim prava foreach ($this->roles->getAll() as $role) { $this->acl->addRole($role['system_name']); } foreach ($this->resources->getAll() as $resource) { $this->acl->addResource($resource['system_name']); } foreach ($this->permissions->getAll() as $permission) { $this->acl->allow($permission->role->system_name, $permission->resource->system_name, $permission->privilege->system_name); } $this->acl->addRole('super_admin'); $this->acl->allow('super_admin'); //homepage a sign maji pristup vsichni $this->acl->addResource('homepage'); $this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'homepage'); $this->acl->addResource('sign'); $this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'sign'); //vychozi role $this->acl->addRole('guest'); //kontrola prav if ($this->getName() != 'Admin:Image' && $this->getAction() != 'ordering' && $this->getAction() != 'orderingCategory' && $this->getAction() != 'deleteImage' && $this->getAction() != 'changePassword' && $this->getAction() != 'getCity' && $this->getAction() != 'download') { if (!$this->getUser()->isAllowed($this->getNameSimple(), $this->getAction())) { $this->flashMessage($this->translator->translate('admin.login.noAccess'), 'error'); $this->redirect('Homepage:default'); } } //projedu vsek moduly a pokusim se najit presentery $presenters = array(); $vsekDir = dirname(__FILE__) . '/../../../'; $ch = opendir($vsekDir); while (($file = readdir($ch)) !== false) { if (!in_array($file, array('.', '..'))) { if (file_exists($vsekDir . $file . '/src/setting.xml')) { $xml = simplexml_load_file($vsekDir . $file . '/src/setting.xml'); if (isset($xml->presenter)) { $this->menuModules[] = array('name' => (string) $xml->presenter->name, 'resource' => (string) $xml->presenter->resource); } } } } closedir($ch); }
/** @return Nette\Security\Permission */ public function create() { if (!$this->cmsInstalled) { return new Nette\Security\Permission(); } $acl = $this->cache->load('acl'); if ($acl === NULL) { $acl = new Nette\Security\Permission(); try { foreach ($this->roleService->findAll() as $role) { $acl->addRole($role->name, $role->parent === NULL ? NULL : $role->parent->name); } } catch (Kdyby\Doctrine\DBALException $ex) { return new Nette\Security\Permission(); } foreach ($this->resourceService->findAll() as $resource) { $acl->addResource($resource->name); } foreach ($this->aclService->findAll() as $aclEntry) { if ($aclEntry->allow) { $acl->allow($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name); } else { $acl->deny($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name); } } $this->cache->save('acl', $acl, [Nette\Caching\Cache::TAGS => self::CACHE_TAG]); } return $acl; }
public function __construct() { $acl = new Nette\Security\Permission(); // definice rolí $acl->addRole('guest'); $acl->addRole('demo', 'guest'); // demo dědí od guest $acl->addRole('admin', 'demo'); // a od něj dědí admin // seznam zdrojů, ke kterým mohou uživatelé přistupovat $acl->addResource('Admin:Admin'); $acl->addResource('Front'); // pravidla, určující, kdo co může s čím dělat $acl->allow('guest', 'Front', self::READ); $acl->allow('demo', 'Admin:Admin', self::READ); $acl->allow('admin', Permission::ALL, Permission::ALL); // Nastaveno! $this->acl = $acl; }
public function addRole($role) { $this->acl->addRole($role); }
/** * */ private function initRole() { foreach ($this->roleRepository->read()->order("aclRoleID ASC") as $item) { $this->acl->addRole($item->name); } }
private function defineRoles(Permission $authorizator) { $authorizator->addRole('employee'); $authorizator->addRole('admin'); }
/** * Helping function to add roles from database, for roles which parents was not defined yet * @param string $role * @param mixed $parent */ public function addRole($role, $parents = null) { if ($this->hasRole($role)) { return $this; } $parents = array(); if (isset($this->rolesRels[$role]) && is_array($this->rolesRels[$role])) { foreach ($this->rolesRels[$role] as $parent) { if (!$this->hasRole($parent)) { $this->addRole($parent); } $parents[$role] = $parent; } } else { $parents[$role] = null; } return parent::addRole($role, isset($parents[$role]) ? $parents[$role] : null); }
/** * Get raw permissions without privileges. * * @return Permission */ public function getRawPermissions() { $permission = new Permission(); foreach ($this->scanResources() as $resource => $privileges) { $permission->addResource($resource); } foreach ($this->defaultRoles as $role) { if (!$permission->hasRole($role)) { $permission->addRole($role); } } return $permission; }
private function loadRoles(Permission $acl) { $roles = $this->em->createQuery('SELECT r, parent FROM ' . Role::class . ' r LEFT JOIN r.parent parent ORDER BY r.parent ASC')->execute(); /** @var Role $role */ foreach ($roles as $role) { $acl->addRole($role->getName(), $role->hasParent() ? $role->getParentName() : null); } $acl->addRole(Role::GOD); }