public function init() { parent::init(); $role_mapper = new Application_Model_RoleMapper(); $roles = $role_mapper->fetchAll(); $resource_mapper = new Application_Model_ResourceMapper(); $resources = $resource_mapper->fetchAll(); $privilege_mapper = new Application_Model_PrivilegeMapper(); $privileges = $privilege_mapper->fetchAll(); $multi_options = array('' => 'Select option'); if ($roles) { foreach ($roles as $row) { $multi_options[$row->getId()] = $row->getRole(); } } $this->addElement('select', 'role_id', array('required' => true, 'label' => 'Role:', 'MultiOptions' => $multi_options)); $multi_options = array('' => 'Select option'); if ($resources) { foreach ($resources as $row) { $multi_options[$row->getId()] = $row->getResource(); } } $this->addElement('select', 'resource_id', array('label' => 'Resource:', 'MultiOptions' => $multi_options)); $multi_options = array('' => 'Select option'); if ($privileges) { foreach ($privileges as $row) { $multi_options[$row->getId()] = $row->getPrivilege(); } } $this->addElement('select', 'privilege_id', array('label' => 'Privilege:', 'MultiOptions' => $multi_options)); $this->addElement('submit', 'submit', array('ignore' => true, 'label' => 'Add Role-Resource-Privilege')); }
public function _initAcl() { if (!Zend_Registry::isRegistered('init_acl')) { $acl = new Zend_Acl(); // add roles $role_mapper = new Application_Model_RoleMapper(); $roles = $role_mapper->fetchAll(); foreach ($roles as $row) { if ($row->getInherited_role_id() != null) { $inherited_role = $role_mapper->find($row->getInherited_role_id()); if ($inherited_role) { // inheritor inherits all of the rules of inherited $acl->addRole(new Zend_Acl_Role($row->getRole()), $inherited_role->getRole()); } else { $acl->addRole(new Zend_Acl_Role($row->getRole())); } } else { $acl->addRole(new Zend_Acl_Role($row->getRole())); } } // add resources $resource_mapper = new Application_Model_ResourceMapper(); $resources = $resource_mapper->fetchAll(); foreach ($resources as $row) { $acl->addResource(new Zend_Acl_Resource($row->getResource())); } // Add roles-resource, role-privilege, and role-resource-privilege combinations $role_resource_privilege_mapper = new Application_Model_RoleResourcePrivilegeMapper(); $privilege_mapper = new Application_Model_PrivilegeMapper(); $role_resource_privileges = $role_resource_privilege_mapper->fetchAll(); foreach ($role_resource_privileges as $row) { $role = $role_mapper->find($row->getRole_id()); $resource = $resource_mapper->find($row->getResource_id()); $privilege = $privilege_mapper->find($row->getPrivilege_id()); $resource = $resource ? $resource->getResource() : null; $privilege = $privilege ? $privilege->getPrivilege() : null; $acl->allow($role->getRole(), $resource, $privilege); } Zend_Registry::set('acl', $acl); Zend_Registry::set('init_acl', true); } }
public function _initAcl() { if (!Zend_Registry::isRegistered('init_acl')) { /** * resource = controller * privilege = action */ $acl = array('roles' => array(), 'resources' => array(), 'resource-privileges' => array(), 'role-resource-privileges' => array()); $role_mapper = new Application_Model_RoleMapper(); $resource_mapper = new Application_Model_ResourceMapper(); $privilege_mapper = new Application_Model_PrivilegeMapper(); $resource_privilege_mapper = new Application_Model_ResourcePrivilegeMapper(); $role_resource_privilege_mapper = new Application_Model_RoleResourcePrivilegeMapper(); // add roles $roles = $role_mapper->fetchAll(); foreach ($roles as $row) { if ($row->getInherited_role_id() != null) { $inherited_role = $role_mapper->find($row->getInherited_role_id()); if ($inherited_role) { // inheritor inherits all of the rules of inherited $acl['roles'][$row->getRole()] = array('role' => $row->getRole(), 'parent' => $inherited_role->getRole()); } else { $acl['roles'][$row->getRole()] = array('role' => $row->getRole()); } } else { $acl['roles'][$row->getRole()] = array('role' => $row->getRole()); } } // add resources $resources = $resource_mapper->fetchAll(); foreach ($resources as $row) { $acl['resources'][] = $row->getResource(); } // add resource-privilege combinations $resource_privileges = $resource_privilege_mapper->fetchAll(); foreach ($resource_privileges as $row) { $resource = $resource_mapper->find($row->getResource_id()); $privilege = $privilege_mapper->find($row->getPrivilege_id()); if ($resource && $privilege) { $resource = $resource->getResource(); $privilege = $privilege->getPrivilege(); if (!isset($acl['resource_privileges'][$resource])) { $acl['resource_privileges'][$resource] = array(); } $acl['resource_privileges'][$resource][] = $privilege; } } // add role-resource-privilege combinations $role_resource_privileges = $role_resource_privilege_mapper->fetchAll(); foreach ($role_resource_privileges as $row) { $role = $role_mapper->find($row->getRole_id()); if ($role) { $role = $role->getRole(); $resource = $resource_mapper->find($row->getResource_id()); $privilege = $privilege_mapper->find($row->getPrivilege_id()); $resource = $resource ? $resource->getResource() : null; $privilege = $privilege ? $privilege->getPrivilege() : null; if (!isset($acl['role-resource-privileges'][$role])) { $acl['role-resource-privileges'][$role] = array(); } $acl['role-resource-privileges'][$role][] = array('resource' => $resource, 'privilege' => $privilege); } } Zend_Registry::set('acl', $acl); Zend_Registry::set('init_acl', true); } }