/**
 * Register a tree of resource nodes, together with all of their descendants, on the ACL.
 *
 * Every node must carry an 'id' key. When a node also has a 'children' key, that
 * value is walked recursively with the resource just created as the parent.
 *
 * @param Acl $acl
 * @param array $resources
 * @param AclResource $parent
 * @return void
 * @throws \InvalidArgumentException when a node has no 'id' key
 */
protected function _addResourceTree(Acl $acl, array $resources, AclResource $parent = null)
{
    foreach ($resources as $node) {
        // Validation happens per node inside the loop, so nodes handled before a
        // malformed one have already been added to $acl when this throws.
        $hasIdentifier = isset($node['id']);
        if ($hasIdentifier === false) {
            throw new \InvalidArgumentException('Missing ACL resource identifier');
        }

        $factoryArguments = array('resourceId' => $node['id']);
        /** @var $aclResource AclResource */
        $aclResource = $this->_resourceFactory->createResource($factoryArguments);
        $acl->addResource($aclResource, $parent);

        if (!isset($node['children'])) {
            continue;
        }

        // Descend with the new resource as parent so the children inherit from it.
        $this->_addResourceTree($acl, $node['children'], $aclResource);
    }
}
/**
 * Load the rows of the authorization_role table into the ACL as roles.
 *
 * Group rows are always added as new roles. User rows are added when the ACL
 * does not know the role yet; otherwise only the parent is attached to the
 * existing role. Rows whose role_type matches neither constant are skipped.
 *
 * @param \Magento\Framework\Acl $acl
 * @return void
 */
public function populateAcl(\Magento\Framework\Acl $acl)
{
    $tableName = $this->_resource->getTableName('authorization_role');
    $connection = $this->_resource->getConnection('core_read');

    // Ordered by tree_level -- presumably so that parent roles are registered
    // before the roles that inherit from them (confirm against the schema).
    $query = $connection->select()->from($tableName)->order('tree_level');
    $rows = $connection->fetchAll($query);

    foreach ($rows as $row) {
        // A parent_id that is not greater than zero means "no parent".
        $parentId = null;
        if ($row['parent_id'] > 0) {
            $parentId = $row['parent_id'];
        }

        // Loose comparison on purpose: it mirrors the semantics of a switch statement.
        $roleType = $row['role_type'];
        if ($roleType == RoleGroup::ROLE_TYPE) {
            $groupRole = $this->_groupFactory->create(['roleId' => $row['role_id']]);
            $acl->addRole($groupRole, $parentId);
        } elseif ($roleType == RoleUser::ROLE_TYPE) {
            if ($acl->hasRole($row['role_id'])) {
                // Role is already registered: only attach the parent to it.
                $acl->addRoleParent($row['role_id'], $parentId);
            } else {
                $userRole = $this->_roleFactory->create(['roleId' => $row['role_id']]);
                $acl->addRole($userRole, $parentId);
            }
        }
        // Any other role_type adds nothing to the ACL.
    }
}
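/**
 * Populate ACL with rules from external storage
 *
 * Reads every row of the authorization_rule table and applies it to the ACL as
 * an allow or deny rule. Rows that reference a resource the ACL does not contain
 * are skipped, and so are rows whose permission is neither 'allow' nor 'deny'.
 *
 * NOTE(review): only the resource is checked with has(); how allow()/deny()
 * react to a role_id the ACL does not know is not visible here -- this
 * presumably relies on roles having been loaded first.
 *
 * @param \Magento\Framework\Acl $acl
 * @return void
 */
public function populateAcl(\Magento\Framework\Acl $acl)
{
    $ruleTable = $this->_resource->getTableName('authorization_rule');
    $connection = $this->_resource->getConnection();
    $select = $connection->select()->from(['r' => $ruleTable]);
    $rulesArr = $connection->fetchAll($select);

    foreach ($rulesArr as $rule) {
        $role = $rule['role_id'];
        $resource = $rule['resource_id'];
        // An empty privileges column is handed to allow()/deny() as null rather
        // than as an empty list.
        $privileges = !empty($rule['privileges']) ? explode(',', $rule['privileges']) : null;

        if (!$acl->has($resource)) {
            continue;
        }

        // Strict comparison: an authorization decision must match the exact
        // string. With ==, a non-string value such as boolean true (or integer 0
        // on PHP 7) compares equal to 'allow' and would grant access.
        if ($rule['permission'] === 'allow') {
            if ($resource === $this->_rootResource->getId()) {
                // An allow on the root resource is also registered with a null
                // resource, i.e. without restricting the rule to one resource.
                $acl->allow($role, null, $privileges);
            }
            $acl->allow($role, $resource, $privileges);
        } elseif ($rule['permission'] === 'deny') {
            $acl->deny($role, $resource, $privileges);
        }
    }
}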