84 lines
No EOL
1.9 KiB
PHP
84 lines
No EOL
1.9 KiB
PHP
<?php
|
|
|
|
class Acl extends Zend_Acl
|
|
{
|
|
const ROLE_VISITOR = 'visitor';
|
|
const ROLE_MEMBER = 'member';
|
|
const ROLE_FIKTIV = 'fiktiv';
|
|
|
|
public function __construct()
|
|
{
|
|
// Add roles
|
|
$this->loadRoles();
|
|
|
|
// Add resources
|
|
$this->loadResources();
|
|
|
|
// Set accessrights
|
|
$this->loadAccess();
|
|
|
|
}
|
|
|
|
|
|
public function isAllowed($role = null, $resource = null, $privilege = null)
|
|
{
|
|
if ($role instanceof User) {
|
|
$role = $role->userRole;
|
|
}
|
|
|
|
return parent::isAllowed($role, $resource, $privilege);
|
|
}
|
|
|
|
protected function loadRoles()
|
|
{
|
|
|
|
$this->addRole(new Zend_Acl_Role(self::ROLE_VISITOR));
|
|
$this->addRole(new Zend_Acl_Role(self::ROLE_MEMBER), self::ROLE_VISITOR);
|
|
$this->addRole(new Zend_Acl_Role(self::ROLE_FIKTIV), self::ROLE_MEMBER);
|
|
|
|
}
|
|
|
|
|
|
protected function loadResources()
|
|
{
|
|
$this->add(new Zend_Acl_Resource('blog'));
|
|
$this->add(new Zend_Acl_Resource('profile'));
|
|
$this->add(new Zend_Acl_Resource('admin'));
|
|
}
|
|
|
|
|
|
protected function loadAccess()
|
|
{
|
|
// Set default rules
|
|
$this->_setDefaultAccess();
|
|
|
|
// Blog
|
|
$this->allow(self::ROLE_MEMBER, 'blog', 'comment');
|
|
|
|
// Profile
|
|
$this->deny(self::ROLE_VISITOR,'profile','read');
|
|
|
|
// Admin
|
|
$this->allow(self::ROLE_FIKTIV, 'admin', array('read', 'write', 'delete'));
|
|
|
|
}
|
|
|
|
|
|
protected function _setDefaultAccess()
|
|
{
|
|
$defaults = array(
|
|
self::ROLE_VISITOR => array('read'),
|
|
self::ROLE_MEMBER => array('read'),
|
|
self::ROLE_FIKTIV => array('read','write', 'delete')
|
|
);
|
|
|
|
foreach ($defaults as $role => $privileges) {
|
|
|
|
foreach ($this->getResources() as $resource) {
|
|
|
|
$this->allow($role,$resource,$privileges);
|
|
}
|
|
}
|
|
}
|
|
|
|
} |