public function addResources($resources) { if ($resources !== self::ALL) { $resources = is_array($resources) ? $resources : [$resources]; foreach ($resources as $resource) { if (!$this->acl->hasResource($resource)) { $this->acl->addResource($resource); } } } }
public function __construct() { $this->acl = new NS\Permission(); $this->acl->addRole('guest'); $this->acl->addRole('user', 'registered'); $this->acl->addRole('admin', 'user'); $this->acl->addResource('backend'); $this->acl->addResource('users'); $this->acl->allow('user', array('backend'), array('view')); $this->acl->allow('admin'); }
private function defineResources(Permission $authorizator) { $authorizator->addResource('listing'); $authorizator->addResource('message'); // view $authorizator->addResource('relationships_tables'); // view_identifiers $authorizator->addResource('users_overview'); // suspend_user $authorizator->addResource('database_backup'); }
public static function createAuthorizator() { $perm = new Permission(); $perm->addRole("guest"); $perm->addRole("user", "guest"); $perm->addRole("admin", "user"); $perm->addResource('clip'); $perm->addResource('comment'); $perm->deny(); $perm->allow("admin"); $perm->allow("user", "comment", "add"); return $perm; }
public function startup() { parent::startup(); if ($this->getName() != 'Admin:Sign' && !$this->user->isLoggedIn()) { $this->redirect('Sign:default'); } //nastavim prava foreach ($this->roles->getAll() as $role) { $this->acl->addRole($role['system_name']); } foreach ($this->resources->getAll() as $resource) { $this->acl->addResource($resource['system_name']); } foreach ($this->permissions->getAll() as $permission) { $this->acl->allow($permission->role->system_name, $permission->resource->system_name, $permission->privilege->system_name); } $this->acl->addRole('super_admin'); $this->acl->allow('super_admin'); //homepage a sign maji pristup vsichni $this->acl->addResource('homepage'); $this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'homepage'); $this->acl->addResource('sign'); $this->acl->allow(\App\AdminModule\Components\Authorizator::ALL, 'sign'); //vychozi role $this->acl->addRole('guest'); //kontrola prav if ($this->getName() != 'Admin:Image' && $this->getAction() != 'ordering' && $this->getAction() != 'orderingCategory' && $this->getAction() != 'deleteImage' && $this->getAction() != 'changePassword' && $this->getAction() != 'getCity' && $this->getAction() != 'download') { if (!$this->getUser()->isAllowed($this->getNameSimple(), $this->getAction())) { $this->flashMessage($this->translator->translate('admin.login.noAccess'), 'error'); $this->redirect('Homepage:default'); } } //projedu vsek moduly a pokusim se najit presentery $presenters = array(); $vsekDir = dirname(__FILE__) . '/../../../'; $ch = opendir($vsekDir); while (($file = readdir($ch)) !== false) { if (!in_array($file, array('.', '..'))) { if (file_exists($vsekDir . $file . '/src/setting.xml')) { $xml = simplexml_load_file($vsekDir . $file . '/src/setting.xml'); if (isset($xml->presenter)) { $this->menuModules[] = array('name' => (string) $xml->presenter->name, 'resource' => (string) $xml->presenter->resource); } } } } closedir($ch); }
/** @return Nette\Security\Permission */ public function create() { if (!$this->cmsInstalled) { return new Nette\Security\Permission(); } $acl = $this->cache->load('acl'); if ($acl === NULL) { $acl = new Nette\Security\Permission(); try { foreach ($this->roleService->findAll() as $role) { $acl->addRole($role->name, $role->parent === NULL ? NULL : $role->parent->name); } } catch (Kdyby\Doctrine\DBALException $ex) { return new Nette\Security\Permission(); } foreach ($this->resourceService->findAll() as $resource) { $acl->addResource($resource->name); } foreach ($this->aclService->findAll() as $aclEntry) { if ($aclEntry->allow) { $acl->allow($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name); } else { $acl->deny($aclEntry->role->name, $aclEntry->permission->resource->name, $aclEntry->permission->privilege->name); } } $this->cache->save('acl', $acl, [Nette\Caching\Cache::TAGS => self::CACHE_TAG]); } return $acl; }
public function __construct() { $acl = new Nette\Security\Permission(); // definice rolí $acl->addRole('guest'); $acl->addRole('demo', 'guest'); // demo dědí od guest $acl->addRole('admin', 'demo'); // a od něj dědí admin // seznam zdrojů, ke kterým mohou uživatelé přistupovat $acl->addResource('Admin:Admin'); $acl->addResource('Front'); // pravidla, určující, kdo co může s čím dělat $acl->allow('guest', 'Front', self::READ); $acl->allow('demo', 'Admin:Admin', self::READ); $acl->allow('admin', Permission::ALL, Permission::ALL); // Nastaveno! $this->acl = $acl; }
private function setResources(Permission $p) { try { $resources = $this->resourcesService->getResources(); } catch (Exceptions\DataErrorException $e) { $this->logError($e->getMessage()); } foreach ($resources as $res) { if ($res->hasParent()) { $p->addResource($res->getId(), $res->getParent()); } else { $p->addResource($res->getId()); } } }
/** * */ private function InitResource() { foreach ($this->resourceRepository->read()->order("aclResourceID ASC") as $resource) { $this->acl->addResource($resource->name); } }
/** * Nadefinuje jednotlivé resources. */ private function defineResources() { foreach ($this->permissionRepository->selectAllResources() as $resource) { $this->acl->addResource($resource->getName()); } }
/** * Get raw permissions without privileges. * * @return Permission */ public function getRawPermissions() { $permission = new Permission(); foreach ($this->scanResources() as $resource => $privileges) { $permission->addResource($resource); } foreach ($this->defaultRoles as $role) { if (!$permission->hasRole($role)) { $permission->addRole($role); } } return $permission; }
private function loadResources(Permission $acl) { $resources = $this->em->createQuery('SELECT r FROM ' . Resource::class . ' r')->execute(); /** @var Resource $resource */ foreach ($resources as $resource) { $acl->addResource($resource->getName()); } }