/**
 * Decide whether the current visitor may access the resource behind $request.
 *
 * A throw-away Zend_Acl is built from the privilege rows that
 * User_Model_Acl_Resource::getPrivileges() loads for the request. Every role
 * found in those rows is allowed on the resource. The ACL is then queried with
 * the role of the authenticated identity, or with the default role when nobody
 * is logged in.
 *
 * Security notes:
 *  - The check fails closed: missing privileges or a missing resource id deny access.
 *  - allow() is called without a privilege list, so a listed role is granted
 *    the whole resource rather than individual privileges.
 *  - NOTE(review): the role id is taken from the identity held by Zend_Auth,
 *    not looked up again here. If that identity is persisted at login, a later
 *    role change would only apply once the stored identity is refreshed. Confirm.
 *
 * @param Zend_Controller_Request_Abstract $request Passed to User_Model_Acl_Resource::getPrivileges().
 * @return bool True when access is granted, false otherwise.
 */
public function checkAccess(Zend_Controller_Request_Abstract $request)
{
    $aclResource = new User_Model_Acl_Resource();
    $aclResource->getPrivileges($request);

    // Fail closed: lookup error, or nobody is allowed on this resource.
    if (!$aclResource->privileges || !$aclResource->resource_id) {
        return false;
    }

    $acl = new Zend_Acl();
    $acl->add(new Zend_Acl_Resource($aclResource->resource_id));

    // Register each distinct role once and allow it on the resource.
    foreach ($aclResource->privileges as $row) {
        $roleId = $row["role_id"];
        if ($acl->hasRole($roleId)) {
            continue;
        }
        $acl->addRole(new Zend_Acl_Role($roleId));
        $acl->allow($roleId, $aclResource->resource_id);
    }

    $auth = Zend_Auth::getInstance();

    if (!$auth->hasIdentity()) {
        // Anonymous visitor: evaluate the default role instead.
        // A false result here is where the caller is expected to redirect to login.
        $roleModel = new User_Model_Acl_Role();
        $roleModel->getDefaultRole();

        return $roleModel->default_role
            && $acl->hasRole($roleModel->default_role)
            && $acl->isAllowed($roleModel->default_role, $aclResource->resource_id);
    }

    // Authenticated visitor: the role must be known to the ACL and allowed.
    $identity = $auth->getIdentity();
    $userRole = $identity['role_id'];

    return $acl->hasRole($userRole)
        && $acl->isAllowed($userRole, $aclResource->resource_id);
}
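/**
 * Queue each admin module's menu action once an admin route has been matched.
 *
 * Does nothing unless the current route name is 'admin' or 'admin_language'.
 * For every module in the admin privileges loaded by
 * User_Model_Acl_Resource::getAdminPrivileges(), the module's AdminController
 * is loaded if necessary. When it defines menuAction(), a 'menu' request is
 * pushed onto a Zend_Controller_Plugin_ActionStack, with the module's actions
 * (flipped into keys) as the 'admin_actions' parameter.
 *
 * Modules whose name is not a plain identifier, or whose AdminController
 * cannot be loaded, are skipped instead of aborting the request.
 *
 * @param Zend_Controller_Request_Abstract $request Not read by this method.
 * @return void
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    $routeName = Zend_Controller_Front::getInstance()->getRouter()->getCurrentRouteName();

    // Strict comparison: a non-string route name (e.g. a numeric key) must not
    // loosely compare equal to 'admin'.
    if (!in_array($routeName, array('admin', 'admin_language'), true)) {
        return;
    }

    $resource = new User_Model_Acl_Resource();
    $resource->getAdminPrivileges();
    if (!$resource->admin_privileges) {
        return;
    }

    $actionStack = new Zend_Controller_Plugin_ActionStack();

    foreach ($resource->admin_privileges as $module => $actions) {
        // $module ends up in an include path and a class name. Accept plain
        // identifiers only, so an entry containing dots or path separators
        // cannot point loadFile() outside modules/<name>/controllers.
        // NOTE(review): the origin of admin_privileges is not visible here;
        // this is defence in depth in case it is editable data.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $module)) {
            continue;
        }

        $class = ucfirst($module) . '_AdminController';

        if (!class_exists($class)) {
            Zend_Loader::loadFile(APPLICATION_PATH . '/modules/' . $module . '/controllers/AdminController.php');

            // The file may be missing or may not declare the expected class.
            // Skip it rather than let the reflection constructor throw.
            if (!class_exists($class, false)) {
                continue;
            }
        }

        // hasMethod() replaces getMethod() wrapped in an empty catch, so a
        // missing menuAction() no longer relies on swallowing every Exception.
        $reflection = new Zend_Reflection_Class($class);
        if ($reflection->hasMethod('menuAction')) {
            $actionStack->pushStack(
                new Zend_Controller_Request_Simple(
                    'menu',
                    'admin',
                    $module,
                    array('admin_actions' => array_flip($actions))
                )
            );
        }
    }
}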