/** * Initializes and return an instance of the given class name. * * @param string $className * @return mixed */ public function getInstance($className) { switch ($className) { case '\\Zepi\\Core\\AccessControl\\Manager\\AccessControlManager': if ($this->accessControlManager === null) { $dataSourceManager = $this->framework->getDataSourceManager(); $this->accessControlManager = $this->framework->initiateObject($className, array('accessEntitiesDataSource' => $dataSourceManager->getDataSource('\\Zepi\\Core\\AccessControl\\DataSource\\AccessEntitiesDataSourceInterface'), 'permissionsDataSource' => $dataSourceManager->getDataSource('\\Zepi\\Core\\AccessControl\\DataSource\\PermissionsDataSourceInterface'))); } return $this->accessControlManager; break; case '\\Zepi\\Core\\AccessControl\\Manager\\AccessLevelManager': if ($this->accessLevelManager === null) { $accessLevelsObjectBackend = $this->framework->initiateObject('\\Zepi\\Turbo\\Backend\\FileObjectBackend', array('path' => $this->framework->getRootDirectory() . '/data/access-levels.data')); $this->accessLevelManager = $this->framework->initiateObject($className, array('accessLevelObjectBackend' => $accessLevelsObjectBackend)); $this->accessLevelManager->initializeAccessLevelManager(); } return $this->accessLevelManager; break; case '\\Zepi\\Core\\AccessControl\\Manager\\EventAccessManager': if ($this->eventAccessManager === null) { $eventAccessObjectBackend = $this->framework->initiateObject('\\Zepi\\Turbo\\Backend\\FileObjectBackend', array('path' => $this->framework->getRootDirectory() . '/data/event-access-levels.data')); $this->eventAccessManager = $this->framework->initiateObject($className, array('eventAccessObjectBackend' => $eventAccessObjectBackend)); $this->eventAccessManager->initializeEventAccessManager(); } return $this->eventAccessManager; break; case '\\Zepi\\Core\\AccessControl\\DataSource\\AccessEntitiesDataSourceDoctrine': $dataSourceManager = $this->framework->getDataSourceManager(); return $this->framework->initiateObject($className, array('permissionsDataSource' => $dataSourceManager->getDataSource('\\Zepi\\Core\\AccessControl\\DataSource\\PermissionsDataSourceInterface'))); break; default: return $this->framework->initiateObject($className); break; } }
/** * Revokes all permissions for the given access level key * * @access public * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\RequestAbstract $request * @param \Zepi\Turbo\Response\Response $response * @param mixed $value * @return mixed */ public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null) { if (!$request instanceof WebRequest) { return $value; } $items = $this->eventAccessManager->getAccessLevelsForEvent($value); // If there are no access levels for the given event name the access // to the event is not restricted. if ($items === false) { return $value; } if (!$request->hasSession()) { return '\\Zepi\\Core\\AccessControl\\Event\\RedirectRequestWithoutSession'; } foreach ($items as $accessLevel) { if ($request->getSession()->hasAccess($accessLevel)) { return $value; } } return '\\Zepi\\Core\\AccessControl\\Event\\DisplayNoAccessMessage'; }