/**
* Method used to add rules to the specified resource.
*/
protected function _addRules($type = Zend_Acl::TYPE_ALLOW, array $rules, $resource, $resourceName)
{
foreach ($rules as $privilege => $ruleProperties) {
// If the user sets the privilege value to a string, we will consider
// this as the list of roles.
if (!is_array($ruleProperties)) {
$ruleProperties = array('roles' => $ruleProperties);
}
if ($privilege === 'all') {
$privilege = null;
}
$roles = $ruleProperties['roles'];
if (is_null($roles) || empty($roles)) {
$section = 'rules';
if ($type === Zend_Acl::TYPE_ALLOW) {
$section = 'allow ' . $section;
} else {
$section = 'deny ' . $section;
}
throw new Zend_Application_Resource_Exception(sprintf($this->_missingPropertyMessage, 'roles', $section, 'resource ' . $resourceName));
}
$roles = explode(',', $roles);
if ($roles[0] === 'all') {
$roles = null;
}
$assert = null;
if (isset($ruleProperties['assert']) && !empty($ruleProperties['assert'])) {
$assert = $ruleProperties['assert'];
$assert = new $assert();
}
$this->_acl->setRule(Zend_Acl::OP_ADD, $type, $roles, $resource, $privilege, $asset);
}
}
public function testSetRuleWorksWithResourceInterface()
{
$roleGuest = new Role\GenericRole('guest');
$this->_acl->addRole($roleGuest);
$resourceFoo = new Resource\GenericResource('foo');
$this->_acl->addResource($resourceFoo);
$this->_acl->setRule(Acl\Acl::OP_ADD, Acl\Acl::TYPE_ALLOW, $roleGuest, $resourceFoo);
}
public function buildAcl()
{
if ($this->_acl !== null) {
return $this->_acl;
}
$aclDefinition = Zym_Message_Dispatcher::get()->post('buildAcl')->getResult('buildAcl');
$acl = new Zend_Acl();
foreach ($aclDefinition as $module) {
if (!$acl->has($module['resource'])) {
$acl->addResource($module['resource']);
}
foreach ($module['rules'] as $key => $rule) {
if (!$acl->hasRole($key)) {
$acl->addRole($key);
}
$acl->setRule('OP_ADD', $rule['allPrivileges']['type'], $key, $module['resource']);
}
}
$this->_acl = $acl;
return $this->_acl;
}