public static function factory(array $config)
{
// Determine whether we are whitelisting or blacklisting
$denyByDefault = false;
if (array_key_exists('deny_by_default', $config)) {
$denyByDefault = (bool) $config['deny_by_default'];
unset($config['deny_by_default']);
}
// By default, create an open ACL
$acl = new AclAuthorization();
$acl->addRole('guest');
$acl->allow();
$grant = 'deny';
if ($denyByDefault) {
$acl->deny('guest', null, null);
$grant = 'allow';
}
foreach ($config as $set) {
if (!is_array($set) || !isset($set['resource'])) {
continue;
}
// Add new resource to ACL
$resource = $set['resource'];
$acl->addResource($set['resource']);
// Deny guest specified privileges to resource
$privileges = isset($set['privileges']) ? $set['privileges'] : null;
// "null" privileges means no permissions were setup; nothing to do
if (null === $privileges) {
continue;
}
$acl->{$grant}('guest', $resource, $privileges);
}
return $acl;
}
/**
* Create and return an AclAuthorization instance populated with provided privileges.
*
* @param array $config
* @return AclAuthorization
*/
public static function factory(array $config)
{
// Determine whether we are whitelisting or blacklisting
$denyByDefault = false;
if (array_key_exists('deny_by_default', $config)) {
$denyByDefault = (bool) $config['deny_by_default'];
unset($config['deny_by_default']);
}
// By default, create an open ACL
$acl = new AclAuthorization();
$acl->addRole('guest');
$acl->allow();
$grant = 'deny';
if ($denyByDefault) {
$acl->deny('guest', null, null);
$grant = 'allow';
}
if (!empty($config)) {
return self::injectGrants($acl, $grant, $config);
}
return $acl;
}
