/** * Check if the current user (self::$user) is allowed to * use the $module/$action * * @param string $module * @param string $action * @return bool */ public function isAllowed($module, $action) { $resource = 'webdesktop/' . $module; // build rules on every call? $this->acl->buildResourceRules('webdesktop', $module, $action, $this->user, TRUE); $cache = Zend_Registry::get('Cache_Acl'); $cache->save($this->acl, 'acl_object'); foreach ($this->user->getRoles() as $roleId => $roleName) { if ($this->acl->isAllowed($roleId, $resource, $action)) { return TRUE; } foreach ($this->acl->getRole($roleId)->getParentRole() as $roleId => $roleName) { if ($this->acl->isAllowed($roleId, $resource, $action)) { return TRUE; } } } return FALSE; }
/** * Get roles bound to a role * * @param App_User $user * @return array * @access public */ public function getUserBoundRoles(App_User $user) { $roles = array(); foreach ($user->getRoles() as $id => $name) { if ($this->hasRole($id)) { $roles[$id] = $name; if ($this->getRole($id)->hasParentRole()) { foreach ($this->getRole($id)->getParentRoles() as $parent) { $pId = $parent->getRoleId(); $pName = $parent->getName(); $roles[$pId] = $pName; } } } } return $roles; }