<?php

class Acl extends Zend_Acl
{
    const ROLE_VISITOR  = 'visitor';
    const ROLE_MEMBER   = 'member';
    const ROLE_FIKTIV   = 'fiktiv';

    public function  __construct()
    {
        // Add roles
        $this->loadRoles();

        // Add resources
        $this->loadResources();

        // Set accessrights
        $this->loadAccess();
        
    }


    public function  isAllowed($role = null, $resource = null, $privilege = null)
    {
        if ($role instanceof User) {
            $role = $role->userRole;
        }

        return parent::isAllowed($role, $resource, $privilege);
    }

    protected function loadRoles()
    {

        $this->addRole(new Zend_Acl_Role(self::ROLE_VISITOR));
        $this->addRole(new Zend_Acl_Role(self::ROLE_MEMBER), self::ROLE_VISITOR);
        $this->addRole(new Zend_Acl_Role(self::ROLE_FIKTIV), self::ROLE_MEMBER);
        
    }
    

    protected function loadResources()
    {
        $this->add(new Zend_Acl_Resource('blog'));
        $this->add(new Zend_Acl_Resource('profile'));
        $this->add(new Zend_Acl_Resource('admin'));
    }


    protected function loadAccess()
    {
        // Set default rules
        #$this->_setDefaultAccess();

        // Blog
        $this->allow(self::ROLE_MEMBER, 'blog', 'comment');

        // Profile


        // Admin
        $this->allow(self::ROLE_FIKTIV, 'admin', array('read', 'write', 'delete'));
        
    }


    protected function _setDefaultAccess()
    {
        $defaults = array(
            self::ROLE_VISITOR   => array('read'),
            self::ROLE_MEMBER    => array('read'),
            self::ROLE_FIKTIV    => array('read','write', 'delete')
        );

        foreach ($defaults as $role => $privileges) {

            foreach ($this->getResources() as $resource) {
                
                $this->allow($role,$resource,$privileges);
            }
        }
    }

}