public function fillRoles(array $rolesConfig) { foreach ($rolesConfig as $role => $options) { $inherit = $this->getOption($options, self::INHERIT); if (null !== $inherit && !is_string($inherit) && !is_array($inherit) && !$inherit instanceof RoleInterface) { throw new Exceptions\RuntimeException('Inherit option must be a string, an array or implement RoleInterface for roles'); } $this->acl->addRole($role, $inherit); } }
/** * @param string|RoleInterface $role * @throws InvalidRoleException */ private function loadRole($role) { if ($this->acl->hasRole($role)) { return; } $parent = null; if (is_string($role)) { $role = new GenericRole($role); } elseif ($role instanceof RoleProvider && ($parent = $role->getRoles())) { $this->loadRoles($parent); } elseif ($role instanceof HierarchicalRoleInterface && ($parent = $role->getParent())) { is_array($parent) ? $this->loadRoles($parent) : $this->loadRole($parent); } elseif (!$role instanceof RoleInterface) { throw InvalidRoleException::invalidRoleInstance($role); } $this->acl->addRole($role, $parent); }
public function configureAcl(AclInterface $acl) { foreach ($this->getRoles() as $roleId => $parents) { $acl->addRole(new GenericRole($roleId), $parents); foreach ($this->getRules($roleId, 'allow') as $spec) { if (!$acl->hasResource($spec['resource'])) { $acl->addResource(new GenericResource($spec['resource'])); } $acl->allow($roleId, $spec['resource'], $spec['privilege'], $spec['assertion']); } foreach ($this->getRules($roleId, 'deny') as $spec) { if (null !== $spec['resource'] && !$acl->hasResource($spec['resource'])) { $acl->addResource(new GenericResource($spec['resource'])); } $acl->deny($roleId, $spec['resource'], $spec['privilege'], $spec['assertion']); } } return $acl; }
/** * @return AclInterface * @throws \Zend\Permissions\Acl\Exception\InvalidArgumentException */ protected function getAcl() { if ($this->acl === null) { $this->acl = new Acl(); foreach ($this->getRoleProvider()->getRoles() as $role) { $this->acl->addRole($role); } foreach ($this->getResourceProvider()->getResources() as $resource) { if ($resource instanceof Resource) { $this->acl->addResource($resource, $resource->getParentId()); } } foreach ($this->getRuleProvider()->getRules() as $rule) { if ($rule instanceof Rule) { $this->acl->allow($rule->getRoles(), $rule->getResources(), $rule->getPrivileges()); } } } return $this->acl; }