/** * Determines whether a page should be accepted by ACL when iterating * * Rules: * - If helper has no ACL, page is accepted * - If page has a resource or privilege defined, page is accepted * if the ACL allows access to it using the helper's role * - If page has no resource or privilege, page is accepted * * @param AbstractPage $page page to check * @return bool whether page is accepted by ACL */ protected function acceptAcl(AbstractPage $page) { if (!($acl = $this->getAcl())) { // no acl registered means don't use acl return true; } $role = $this->getRole(); $roles = $this->getRoles(); $resource = $page->getResource(); if ($resource === NULL) { return true; } $resource = $this->acl->hasResourceOrParent($resource); if ($resource === false || $resource === NULL) { return false; } if (!$roles) { $roles = array($role); } if ($resource) { foreach ($roles as $r) { /** * TODO: for now this has been set to allow an item if its resource is not found */ if (!$acl->hasResource($resource) || $acl->isAllowed($r, $resource)) { return true; } } return false; } return true; }
/** * Determines whether a page should be accepted by ACL when iterating * * Rules: * - If helper has no ACL, page is accepted * - If page has a resource or privilege defined, page is accepted * if the ACL allows access to it using the helper's role * - If page has no resource or privilege, page is accepted * * @param AbstractPage $page page to check * @return bool whether page is accepted by ACL */ protected function acceptAcl(AbstractPage $page) { if (!($acl = $this->getAcl())) { // no acl registered means don't use acl return true; } $role = $this->getRole(); $roles = $this->getRoles(); $resource = $page->getResource(); $privilege = $page->getPrivilege(); if (!$roles) { $roles = array($roles); } if ($resource || $privilege) { foreach ($roles as $r) { // determine using helper role and page resource/privilege return $acl->hasResource($resource) && $acl->isAllowed($r, $resource); } return false; } return true; }