protected function addAclRole($rola, $prefix = null) { // debug($prefix); if (count($rola['parents']) && (isset($rola['parents']['role']) && count($rola['parents']['role']) || isset($rola['parents']['group']) && count($rola['parents']['group']))) { $parentsArray = array(); foreach ($rola['parents'] as $parent_prefix => $prefixes) { if (count($prefixes)) { foreach ($prefixes as $parent) { $parentsArray[] = ($parent_prefix ? $parent_prefix . '_' : '') . (int) $parent['priority'] . "_" . $parent['id']; if (!$this->acl->hasRole(($parent_prefix ? $parent_prefix . '_' : '') . ($parent_prefix != 'profile' ? (int) $parent['priority'] . "_" : '') . (string) $parent['id'])) { $source = '_' . $parent_prefix . 's'; $source = $this->{$source}; if (isset($source[$parent['id']])) { $this->addAclRole($source[$parent['id']], $parent_prefix); } } } } } if (!$this->acl->hasRole(($prefix ? $prefix . '_' : '') . ($prefix != 'profile' ? (int) $rola['priority'] . "_" : '') . (string) $rola['id'])) { $this->acl->addRole(($prefix ? $prefix . '_' : '') . ($prefix != 'profile' ? (int) $rola['priority'] . "_" : '') . $rola['id'], $parentsArray); } } else { if (!$this->acl->hasRole(($prefix ? $prefix . '_' : '') . ($prefix != 'profile' ? (int) $rola['priority'] . "_" : '') . (string) $rola['id'])) { $this->acl->addRole(($prefix ? $prefix . '_' : '') . ($prefix != 'profile' ? (int) $rola['priority'] . "_" : '') . $rola['id']); } } }
public function initACL() { $model = new Security_Model_SystemMaster(); $result = $model->fetchAll("master_code='fdMenu' and status='1'"); $acl = new Base_Acl(); foreach ($result as $row) { $arrUrl = explode("/", $row->getStrval1()); $module = $arrUrl[1]; $controller = $arrUrl[2]; $action = $arrUrl[3]; if (!$acl->has("{$module}:{$controller}")) { $acl->add(new Zend_Acl_Resource("{$module}:{$controller}")); } //$acl->deny('administrator', "$module:$controller", $action); } $acl->add(new Zend_Acl_Resource('default:error'))->add(new Zend_Acl_Resource('mps:auth'))->add(new Zend_Acl_Resource('default:index')); $acl->allow('guest', array('default:error', "mps:auth", 'default:index')); $acl->allow('administrator', array("mps:app")); // prototype $model = new Security_Model_SystemMapping(); $userGroupId = $this->view->userGroupId; $userSubGroupId = $this->view->userSubGroupId; $userRoleId = $this->view->userRoleId; $userId = $this->view->userId; $arrG = array(); $res = $model->fetchAll("map_code='fdMenuGroupMap' and map_id2='{$userGroupId}'"); if (count($res) > 0) { foreach ($res as $_row) { $arrG[] = $_row->getMapId1(); } } $res = $model->fetchAll("map_code='fdMenuSubGroupMap' and map_id2='{$userSubGroupId}'"); if (count($res) > 0) { foreach ($res as $_row) { $arrG[] = $_row->getMapId1(); } } $res = $model->fetchAll("map_code='fdMenuRoleMap' and map_id2='{$userRoleId}'"); if (count($res) > 0) { foreach ($res as $_row) { $arrG[] = $_row->getMapId1(); } } $res = $model->fetchAll("map_code='fdMenuUserMap' and map_id2='{$userId}'"); if (count($res) > 0) { foreach ($res as $_row) { $arrG[] = $_row->getMapId1(); } } $arrG = array_unique($arrG); $strid = implode("','", $arrG); $model = new Security_Model_SystemMaster(); $result = $model->fetchAll("master_code='fdMenu' and master_id in ('{$strid}')"); if (count($result) > 0) { foreach ($result as $row) { $arrUrl = explode("/", $row->getStrval1()); $module = $arrUrl[1]; $controller = $arrUrl[2]; $action = $arrUrl[3]; // echo "<pre>"; // print_r($arrUrl); // echo "</pre>"; $acl->allow('administrator', "{$module}:{$controller}", $action); } } $acl->allow('administrator', 'security:menu', array('get-permission', 'save-permission')); Zend_Registry::set('acl', $acl); }