function testMultipleHierarchy() { $acl = new SimpleAcl(); $acl->addRole(ROLE_GUEST); $acl->addRole(ROLE_IDENTIFIED, ROLE_GUEST); $acl->addRole(ROLE_IDENTIFIED_REGISTERED, ROLE_IDENTIFIED); $acl->addRole(ROLE_ADMINISTRATOR, ROLE_IDENTIFIED); $acl->addResource(ROLE_GUEST, 'resource1'); $acl->addResource(ROLE_IDENTIFIED, 'resource2'); $acl->addResource(ROLE_IDENTIFIED_REGISTERED, 'resource_personal'); $acl->addResource(ROLE_ADMINISTRATOR, 'resource_important'); $this->assertTrue($acl->isAllowed(ROLE_GUEST, 'resource1')); $this->assertTrue($acl->isAllowed(ROLE_IDENTIFIED, 'resource1')); $this->assertTrue($acl->isAllowed(ROLE_IDENTIFIED_REGISTERED, 'resource1')); $this->assertTrue($acl->isAllowed(ROLE_ADMINISTRATOR, 'resource1')); $this->assertFalse($acl->isAllowed(ROLE_GUEST, 'resource2')); $this->assertTrue($acl->isAllowed(ROLE_IDENTIFIED, 'resource2')); $this->assertTrue($acl->isAllowed(ROLE_IDENTIFIED_REGISTERED, 'resource2')); $this->assertTrue($acl->isAllowed(ROLE_ADMINISTRATOR, 'resource2')); $this->assertFalse($acl->isAllowed(ROLE_GUEST, 'resource_personal')); $this->assertFalse($acl->isAllowed(ROLE_IDENTIFIED, 'resource_personal')); $this->assertTrue($acl->isAllowed(ROLE_IDENTIFIED_REGISTERED, 'resource_personal')); $this->assertFalse($acl->isAllowed(ROLE_ADMINISTRATOR, 'resource_personal')); $this->assertFalse($acl->isAllowed(ROLE_GUEST, 'resource_important')); $this->assertFalse($acl->isAllowed(ROLE_IDENTIFIED, 'resource_important')); $this->assertFalse($acl->isAllowed(ROLE_IDENTIFIED_REGISTERED, 'resource_important')); $this->assertTrue($acl->isAllowed(ROLE_ADMINISTRATOR, 'resource_important')); }
$logger->logException($e); } // Initialize locale and region objects LocaleManager::init(); RegionManager::init(); // Start session AuthHandler::init(); // Initialize the ACL $acl = new SimpleAcl(); $acl->addRole(ROLE_GUEST); $acl->addRole(ROLE_AUTHORIZED_ACCESS, ROLE_GUEST); $acl->addRole(ROLE_IDENTIFIED, ROLE_GUEST); $acl->addRole(ROLE_IDENTIFIED_REGISTERED, ROLE_IDENTIFIED); $acl->addRole(ROLE_ADMINISTRATOR, ROLE_IDENTIFIED_REGISTERED); if (ENV === ENV_DEVELOPMENT) { $acl->addResource(ROLE_GUEST, array('webres.php', 'test.php')); } $acl->addResource(ROLE_GUEST, array('auth.php', 'optout.php')); if (getConfiguration('auth.mode') == AuthHandler::AUTH_MODE_PASS) { $acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'AddRideAll.php', 'GetRegionConfiguration.php')); } else { if (AuthHandler::getAuthMode() == AuthHandler::AUTH_MODE_TOKEN) { $acl->addResource(ROLE_GUEST, array('join.php', 'help.php', 'index.php', 'AddRideAll.php', 'feedback.php', 'SearchRides.php', 'GetRegionConfiguration.php')); } } $acl->addResource(ROLE_IDENTIFIED, array('join.php', 'help.php', 'index.php', 'feedback.php', 'logout.php', 'thanks.php', 'SearchRides.php', 'AddRideAll.php', 'GetRegionConfiguration.php')); $acl->addResource(ROLE_IDENTIFIED_REGISTERED, array('ActivateToggle.php', 'DeleteRide.php', 'ShowInterest.php')); // Content management $acl->addResource(ROLE_ADMINISTRATOR, array('translations.php')); // Enfore access control $role = AuthHandler::getRole();