/**
 * Constructor
 *
 * Stores the Acl and the role name of the given user on this instance.
 * The meaning of the `true` argument is defined by UserModel::getAcl(),
 * which is not visible here.
 *
 * @param UserModel $user User model that supplies the Acl and the role name
 */
public function __construct(UserModel $user)
{
    $this->acl = $user->getAcl(true);

    // Fetch the role object first, then keep only its name.
    $role           = $user->getRole();
    $this->roleName = $role->getName();
}
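/**
 * Check user acl
 *
 * Builds the permission name for the current page from $this->aclPage and
 * the matched route, then asks the user's Acl whether the user's role may
 * access that resource/permission pair.
 *
 * The check is skipped, and null is returned, when $this->aclPage is empty
 * or when the role name equals RoleModel::PROTECTED_NAME.
 *
 * Nothing here halts dispatch: on denial the method only returns the
 * redirect, so it takes effect only if the caller returns that Response.
 *
 * @param UserModel $userModel User model
 *
 * @return \Zend\Http\Response|null Redirect to 'config/user/forbidden' when
 *                                  access is denied, null otherwise
 */
protected function checkAcl(UserModel $userModel)
{
    // Pages without ACL metadata and the protected role are never checked.
    if (empty($this->aclPage) || $userModel->getRole()->getName() === RoleModel::PROTECTED_NAME) {
        return null;
    }

    $permission = null;
    $acl        = $userModel->getAcl(true);
    $resource   = $this->aclPage['resource'];

    // NOTE(review): the loose comparisons (==, !=, non-strict in_array) are
    // kept as written; confirm aclPage values are always strings before
    // tightening them.
    if ($resource == 'modules') {
        // 'm' and 'action' are read from the matched route and are used
        // only to build the permission name.
        $moduleId = $this->getRouteMatch()->getParam('m');
        if (empty($moduleId)) {
            $action     = $this->getRouteMatch()->getParam('action');
            $permission = $action === 'index' ? 'list' : $action;
        } else {
            $moduleModel = ModuleModel::fromId($moduleId);
            if (!empty($moduleModel)) {
                $permission = $moduleModel->getName();
            }
            // NOTE(review): when no module matches the id, $permission stays
            // null and isAllowed() is queried with a null privilege; confirm
            // the Acl treats that as a whole-resource check and not a pass.
        }
    } else {
        // Read the key once behind isset(): the original indexed it a second
        // time unguarded, which raises an undefined-index notice when the
        // page declares no 'permission'.
        $pagePermission = isset($this->aclPage['permission']) ? $this->aclPage['permission'] : null;
        $permission     = empty($pagePermission) ? null : $pagePermission;

        // Except for 'index' pages and the 'content'/'stats' resources, the
        // route action is appended as "<permission>/<action>", with 'index'
        // mapped to 'list'.
        if ($pagePermission != 'index' and !in_array($resource, array('content', 'stats'))) {
            $action      = $this->getRouteMatch()->getParam('action');
            $permission .= (!empty($permission) ? '/' : '') . ($action === 'index' ? 'list' : $action);
        }
    }

    if (!$acl->isAllowed($userModel->getRole()->getName(), $resource, $permission)) {
        return $this->redirect()->toRoute('config/user/forbidden');
    }

    return null;
}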