Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
Acl.php
Go to the documentation of this file.
1 <?php
26 #require_once 'Zend/Acl/Resource/Interface.php';
27 
28 
32 #require_once 'Zend/Acl/Role/Registry.php';
33 
34 
38 #require_once 'Zend/Acl/Assert/Interface.php';
39 
40 
44 #require_once 'Zend/Acl/Role.php';
45 
46 
50 #require_once 'Zend/Acl/Resource.php';
51 
52 
59 class Zend_Acl
60 {
64  const TYPE_ALLOW = 'TYPE_ALLOW';
65 
69  const TYPE_DENY = 'TYPE_DENY';
70 
74  const OP_ADD = 'OP_ADD';
75 
79  const OP_REMOVE = 'OP_REMOVE';
80 
86  protected $_roleRegistry = null;
87 
93  protected $_resources = array();
94 
98  protected $_isAllowedRole = null;
99 
103  protected $_isAllowedResource = null;
104 
108  protected $_isAllowedPrivilege = null;
109 
115  protected $_rules = array(
116  'allResources' => array(
117  'allRoles' => array(
118  'allPrivileges' => array(
119  'type' => self::TYPE_DENY,
120  'assert' => null
121  ),
122  'byPrivilegeId' => array()
123  ),
124  'byRoleId' => array()
125  ),
126  'byResourceId' => array()
127  );
128 
148  public function addRole($role, $parents = null)
149  {
150  if (is_string($role)) {
151  $role = new Zend_Acl_Role($role);
152  }
153 
154  if (!$role instanceof Zend_Acl_Role_Interface) {
155  #require_once 'Zend/Acl/Exception.php';
156  throw new Zend_Acl_Exception('addRole() expects $role to be of type Zend_Acl_Role_Interface');
157  }
158 
159 
160  $this->_getRoleRegistry()->add($role, $parents);
161 
162  return $this;
163  }
164 
174  public function getRole($role)
175  {
176  return $this->_getRoleRegistry()->get($role);
177  }
178 
188  public function hasRole($role)
189  {
190  return $this->_getRoleRegistry()->has($role);
191  }
192 
208  public function inheritsRole($role, $inherit, $onlyParents = false)
209  {
210  return $this->_getRoleRegistry()->inherits($role, $inherit, $onlyParents);
211  }
212 
222  public function removeRole($role)
223  {
224  $this->_getRoleRegistry()->remove($role);
225 
226  if ($role instanceof Zend_Acl_Role_Interface) {
227  $roleId = $role->getRoleId();
228  } else {
229  $roleId = $role;
230  }
231 
232  foreach ($this->_rules['allResources']['byRoleId'] as $roleIdCurrent => $rules) {
233  if ($roleId === $roleIdCurrent) {
234  unset($this->_rules['allResources']['byRoleId'][$roleIdCurrent]);
235  }
236  }
237  foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $visitor) {
238  if (array_key_exists('byRoleId', $visitor)) {
239  foreach ($visitor['byRoleId'] as $roleIdCurrent => $rules) {
240  if ($roleId === $roleIdCurrent) {
241  unset($this->_rules['byResourceId'][$resourceIdCurrent]['byRoleId'][$roleIdCurrent]);
242  }
243  }
244  }
245  }
246 
247  return $this;
248  }
249 
256  public function removeRoleAll()
257  {
258  $this->_getRoleRegistry()->removeAll();
259 
260  foreach ($this->_rules['allResources']['byRoleId'] as $roleIdCurrent => $rules) {
261  unset($this->_rules['allResources']['byRoleId'][$roleIdCurrent]);
262  }
263  foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $visitor) {
264  foreach ($visitor['byRoleId'] as $roleIdCurrent => $rules) {
265  unset($this->_rules['byResourceId'][$resourceIdCurrent]['byRoleId'][$roleIdCurrent]);
266  }
267  }
268 
269  return $this;
270  }
271 
283  public function addResource($resource, $parent = null)
284  {
285  if (is_string($resource)) {
287  }
288 
289  if (!$resource instanceof Zend_Acl_Resource_Interface) {
290  #require_once 'Zend/Acl/Exception.php';
291  throw new Zend_Acl_Exception('addResource() expects $resource to be of type Zend_Acl_Resource_Interface');
292  }
293 
294  $resourceId = $resource->getResourceId();
295 
296  if ($this->has($resourceId)) {
297  #require_once 'Zend/Acl/Exception.php';
298  throw new Zend_Acl_Exception("Resource id '$resourceId' already exists in the ACL");
299  }
300 
301  $resourceParent = null;
302 
303  if (null !== $parent) {
304  try {
305  if ($parent instanceof Zend_Acl_Resource_Interface) {
306  $resourceParentId = $parent->getResourceId();
307  } else {
308  $resourceParentId = $parent;
309  }
310  $resourceParent = $this->get($resourceParentId);
311  } catch (Zend_Acl_Exception $e) {
312  #require_once 'Zend/Acl/Exception.php';
313  throw new Zend_Acl_Exception("Parent Resource id '$resourceParentId' does not exist", 0, $e);
314  }
315  $this->_resources[$resourceParentId]['children'][$resourceId] = $resource;
316  }
317 
318  $this->_resources[$resourceId] = array(
319  'instance' => $resource,
320  'parent' => $resourceParent,
321  'children' => array()
322  );
323 
324  return $this;
325  }
326 
341  public function add(Zend_Acl_Resource_Interface $resource, $parent = null)
342  {
343  return $this->addResource($resource, $parent);
344  }
345 
355  public function get($resource)
356  {
357  if ($resource instanceof Zend_Acl_Resource_Interface) {
358  $resourceId = $resource->getResourceId();
359  } else {
360  $resourceId = (string) $resource;
361  }
362 
363  if (!$this->has($resource)) {
364  #require_once 'Zend/Acl/Exception.php';
365  throw new Zend_Acl_Exception("Resource '$resourceId' not found");
366  }
367 
368  return $this->_resources[$resourceId]['instance'];
369  }
370 
379  public function has($resource)
380  {
381  if ($resource instanceof Zend_Acl_Resource_Interface) {
382  $resourceId = $resource->getResourceId();
383  } else {
384  $resourceId = (string) $resource;
385  }
386 
387  return isset($this->_resources[$resourceId]);
388  }
389 
405  public function inherits($resource, $inherit, $onlyParent = false)
406  {
407  try {
408  $resourceId = $this->get($resource)->getResourceId();
409  $inheritId = $this->get($inherit)->getResourceId();
410  } catch (Zend_Acl_Exception $e) {
411  #require_once 'Zend/Acl/Exception.php';
412  throw new Zend_Acl_Exception($e->getMessage(), $e->getCode(), $e);
413  }
414 
415  if (null !== $this->_resources[$resourceId]['parent']) {
416  $parentId = $this->_resources[$resourceId]['parent']->getResourceId();
417  if ($inheritId === $parentId) {
418  return true;
419  } else if ($onlyParent) {
420  return false;
421  }
422  } else {
423  return false;
424  }
425 
426  while (null !== $this->_resources[$parentId]['parent']) {
427  $parentId = $this->_resources[$parentId]['parent']->getResourceId();
428  if ($inheritId === $parentId) {
429  return true;
430  }
431  }
432 
433  return false;
434  }
435 
445  public function remove($resource)
446  {
447  try {
448  $resourceId = $this->get($resource)->getResourceId();
449  } catch (Zend_Acl_Exception $e) {
450  #require_once 'Zend/Acl/Exception.php';
451  throw new Zend_Acl_Exception($e->getMessage(), $e->getCode(), $e);
452  }
453 
454  $resourcesRemoved = array($resourceId);
455  if (null !== ($resourceParent = $this->_resources[$resourceId]['parent'])) {
456  unset($this->_resources[$resourceParent->getResourceId()]['children'][$resourceId]);
457  }
458  foreach ($this->_resources[$resourceId]['children'] as $childId => $child) {
459  $this->remove($childId);
460  $resourcesRemoved[] = $childId;
461  }
462 
463  foreach ($resourcesRemoved as $resourceIdRemoved) {
464  foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $rules) {
465  if ($resourceIdRemoved === $resourceIdCurrent) {
466  unset($this->_rules['byResourceId'][$resourceIdCurrent]);
467  }
468  }
469  }
470 
471  unset($this->_resources[$resourceId]);
472 
473  return $this;
474  }
475 
481  public function removeAll()
482  {
483  foreach ($this->_resources as $resourceId => $resource) {
484  foreach ($this->_rules['byResourceId'] as $resourceIdCurrent => $rules) {
485  if ($resourceId === $resourceIdCurrent) {
486  unset($this->_rules['byResourceId'][$resourceIdCurrent]);
487  }
488  }
489  }
490 
491  $this->_resources = array();
492 
493  return $this;
494  }
495 
506  public function allow($roles = null, $resources = null, $privileges = null, Zend_Acl_Assert_Interface $assert = null)
507  {
508  return $this->setRule(self::OP_ADD, self::TYPE_ALLOW, $roles, $resources, $privileges, $assert);
509  }
510 
521  public function deny($roles = null, $resources = null, $privileges = null, Zend_Acl_Assert_Interface $assert = null)
522  {
523  return $this->setRule(self::OP_ADD, self::TYPE_DENY, $roles, $resources, $privileges, $assert);
524  }
525 
535  public function removeAllow($roles = null, $resources = null, $privileges = null)
536  {
537  return $this->setRule(self::OP_REMOVE, self::TYPE_ALLOW, $roles, $resources, $privileges);
538  }
539 
549  public function removeDeny($roles = null, $resources = null, $privileges = null)
550  {
551  return $this->setRule(self::OP_REMOVE, self::TYPE_DENY, $roles, $resources, $privileges);
552  }
553 
606  public function setRule($operation, $type, $roles = null, $resources = null, $privileges = null,
607  Zend_Acl_Assert_Interface $assert = null)
608  {
609  // ensure that the rule type is valid; normalize input to uppercase
610  $type = strtoupper($type);
611  if (self::TYPE_ALLOW !== $type && self::TYPE_DENY !== $type) {
612  #require_once 'Zend/Acl/Exception.php';
613  throw new Zend_Acl_Exception("Unsupported rule type; must be either '" . self::TYPE_ALLOW . "' or '"
614  . self::TYPE_DENY . "'");
615  }
616 
617  // ensure that all specified Roles exist; normalize input to array of Role objects or null
618  if (!is_array($roles)) {
619  $roles = array($roles);
620  } else if (0 === count($roles)) {
621  $roles = array(null);
622  }
623  $rolesTemp = $roles;
624  $roles = array();
625  foreach ($rolesTemp as $role) {
626  if (null !== $role) {
627  $roles[] = $this->_getRoleRegistry()->get($role);
628  } else {
629  $roles[] = null;
630  }
631  }
632  unset($rolesTemp);
633 
634  // ensure that all specified Resources exist; normalize input to array of Resource objects or null
635  if ($resources !== null) {
636  if (!is_array($resources)) {
637  $resources = array($resources);
638  } else if (0 === count($resources)) {
639  $resources = array(null);
640  }
641  $resourcesTemp = $resources;
642  $resources = array();
643  foreach ($resourcesTemp as $resource) {
644  if (null !== $resource) {
645  $resources[] = $this->get($resource);
646  } else {
647  $resources[] = null;
648  }
649  }
650  unset($resourcesTemp, $resource);
651  } else {
652  $allResources = array(); // this might be used later if resource iteration is required
653  foreach ($this->_resources as $rTarget) {
654  $allResources[] = $rTarget['instance'];
655  }
656  unset($rTarget);
657  }
658 
659  // normalize privileges to array
660  if (null === $privileges) {
661  $privileges = array();
662  } else if (!is_array($privileges)) {
663  $privileges = array($privileges);
664  }
665 
666  switch ($operation) {
667 
668  // add to the rules
669  case self::OP_ADD:
670  if ($resources !== null) {
671  // this block will iterate the provided resources
672  foreach ($resources as $resource) {
673  foreach ($roles as $role) {
674  $rules =& $this->_getRules($resource, $role, true);
675  if (0 === count($privileges)) {
676  $rules['allPrivileges']['type'] = $type;
677  $rules['allPrivileges']['assert'] = $assert;
678  if (!isset($rules['byPrivilegeId'])) {
679  $rules['byPrivilegeId'] = array();
680  }
681  } else {
682  foreach ($privileges as $privilege) {
683  $rules['byPrivilegeId'][$privilege]['type'] = $type;
684  $rules['byPrivilegeId'][$privilege]['assert'] = $assert;
685  }
686  }
687  }
688  }
689  } else {
690  // this block will apply to all resources in a global rule
691  foreach ($roles as $role) {
692  $rules =& $this->_getRules(null, $role, true);
693  if (0 === count($privileges)) {
694  $rules['allPrivileges']['type'] = $type;
695  $rules['allPrivileges']['assert'] = $assert;
696  } else {
697  foreach ($privileges as $privilege) {
698  $rules['byPrivilegeId'][$privilege]['type'] = $type;
699  $rules['byPrivilegeId'][$privilege]['assert'] = $assert;
700  }
701  }
702  }
703  }
704  break;
705 
706  // remove from the rules
707  case self::OP_REMOVE:
708  if ($resources !== null) {
709  // this block will iterate the provided resources
710  foreach ($resources as $resource) {
711  foreach ($roles as $role) {
712  $rules =& $this->_getRules($resource, $role);
713  if (null === $rules) {
714  continue;
715  }
716  if (0 === count($privileges)) {
717  if (null === $resource && null === $role) {
718  if ($type === $rules['allPrivileges']['type']) {
719  $rules = array(
720  'allPrivileges' => array(
721  'type' => self::TYPE_DENY,
722  'assert' => null
723  ),
724  'byPrivilegeId' => array()
725  );
726  }
727  continue;
728  }
729 
730  if (isset($rules['allPrivileges']['type']) &&
731  $type === $rules['allPrivileges']['type'])
732  {
733  unset($rules['allPrivileges']);
734  }
735  } else {
736  foreach ($privileges as $privilege) {
737  if (isset($rules['byPrivilegeId'][$privilege]) &&
738  $type === $rules['byPrivilegeId'][$privilege]['type'])
739  {
740  unset($rules['byPrivilegeId'][$privilege]);
741  }
742  }
743  }
744  }
745  }
746  } else {
747  // this block will apply to all resources in a global rule
748  foreach ($roles as $role) {
754  foreach (array_merge(array(null), $allResources) as $resource) {
755  $rules =& $this->_getRules($resource, $role, true);
756  if (null === $rules) {
757  continue;
758  }
759  if (0 === count($privileges)) {
760  if (null === $role) {
761  if ($type === $rules['allPrivileges']['type']) {
762  $rules = array(
763  'allPrivileges' => array(
764  'type' => self::TYPE_DENY,
765  'assert' => null
766  ),
767  'byPrivilegeId' => array()
768  );
769  }
770  continue;
771  }
772 
773  if (isset($rules['allPrivileges']['type']) && $type === $rules['allPrivileges']['type']) {
774  unset($rules['allPrivileges']);
775  }
776  } else {
777  foreach ($privileges as $privilege) {
778  if (isset($rules['byPrivilegeId'][$privilege]) &&
779  $type === $rules['byPrivilegeId'][$privilege]['type'])
780  {
781  unset($rules['byPrivilegeId'][$privilege]);
782  }
783  }
784  }
785  }
786  }
787  }
788  break;
789 
790  default:
791  #require_once 'Zend/Acl/Exception.php';
792  throw new Zend_Acl_Exception("Unsupported operation; must be either '" . self::OP_ADD . "' or '"
793  . self::OP_REMOVE . "'");
794  }
795 
796  return $this;
797  }
798 
827  public function isAllowed($role = null, $resource = null, $privilege = null)
828  {
829  // reset role & resource to null
830  $this->_isAllowedRole = null;
831  $this->_isAllowedResource = null;
832  $this->_isAllowedPrivilege = null;
833 
834  if (null !== $role) {
835  // keep track of originally called role
836  $this->_isAllowedRole = $role;
837  $role = $this->_getRoleRegistry()->get($role);
838  if (!$this->_isAllowedRole instanceof Zend_Acl_Role_Interface) {
839  $this->_isAllowedRole = $role;
840  }
841  }
842 
843  if (null !== $resource) {
844  // keep track of originally called resource
845  $this->_isAllowedResource = $resource;
846  $resource = $this->get($resource);
847  if (!$this->_isAllowedResource instanceof Zend_Acl_Resource_Interface) {
848  $this->_isAllowedResource = $resource;
849  }
850  }
851 
852  if (null === $privilege) {
853  // query on all privileges
854  do {
855  // depth-first search on $role if it is not 'allRoles' pseudo-parent
856  if (null !== $role && null !== ($result = $this->_roleDFSAllPrivileges($role, $resource, $privilege))) {
857  return $result;
858  }
859 
860  // look for rule on 'allRoles' psuedo-parent
861  if (null !== ($rules = $this->_getRules($resource, null))) {
862  foreach ($rules['byPrivilegeId'] as $privilege => $rule) {
863  if (self::TYPE_DENY === ($ruleTypeOnePrivilege = $this->_getRuleType($resource, null, $privilege))) {
864  return false;
865  }
866  }
867  if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, null, null))) {
868  return self::TYPE_ALLOW === $ruleTypeAllPrivileges;
869  }
870  }
871 
872  // try next Resource
873  $resource = $this->_resources[$resource->getResourceId()]['parent'];
874 
875  } while (true); // loop terminates at 'allResources' pseudo-parent
876  } else {
877  $this->_isAllowedPrivilege = $privilege;
878  // query on one privilege
879  do {
880  // depth-first search on $role if it is not 'allRoles' pseudo-parent
881  if (null !== $role && null !== ($result = $this->_roleDFSOnePrivilege($role, $resource, $privilege))) {
882  return $result;
883  }
884 
885  // look for rule on 'allRoles' pseudo-parent
886  if (null !== ($ruleType = $this->_getRuleType($resource, null, $privilege))) {
887  return self::TYPE_ALLOW === $ruleType;
888  } else if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, null, null))) {
889  return self::TYPE_ALLOW === $ruleTypeAllPrivileges;
890  }
891 
892  // try next Resource
893  $resource = $this->_resources[$resource->getResourceId()]['parent'];
894 
895  } while (true); // loop terminates at 'allResources' pseudo-parent
896  }
897  }
898 
907  protected function _getRoleRegistry()
908  {
909  if (null === $this->_roleRegistry) {
910  $this->_roleRegistry = new Zend_Acl_Role_Registry();
911  }
912  return $this->_roleRegistry;
913  }
914 
927  {
928  $dfs = array(
929  'visited' => array(),
930  'stack' => array()
931  );
932 
933  if (null !== ($result = $this->_roleDFSVisitAllPrivileges($role, $resource, $dfs))) {
934  return $result;
935  }
936 
937  while (null !== ($role = array_pop($dfs['stack']))) {
938  if (!isset($dfs['visited'][$role->getRoleId()])) {
939  if (null !== ($result = $this->_roleDFSVisitAllPrivileges($role, $resource, $dfs))) {
940  return $result;
941  }
942  }
943  }
944 
945  return null;
946  }
947 
963  &$dfs = null)
964  {
965  if (null === $dfs) {
969  #require_once 'Zend/Acl/Exception.php';
970  throw new Zend_Acl_Exception('$dfs parameter may not be null');
971  }
972 
973  if (null !== ($rules = $this->_getRules($resource, $role))) {
974  foreach ($rules['byPrivilegeId'] as $privilege => $rule) {
975  if (self::TYPE_DENY === ($ruleTypeOnePrivilege = $this->_getRuleType($resource, $role, $privilege))) {
976  return false;
977  }
978  }
979  if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, $role, null))) {
980  return self::TYPE_ALLOW === $ruleTypeAllPrivileges;
981  }
982  }
983 
984  $dfs['visited'][$role->getRoleId()] = true;
985  foreach ($this->_getRoleRegistry()->getParents($role) as $roleParentId => $roleParent) {
986  $dfs['stack'][] = $roleParent;
987  }
988 
989  return null;
990  }
991 
1006  $privilege = null)
1007  {
1008  if (null === $privilege) {
1012  #require_once 'Zend/Acl/Exception.php';
1013  throw new Zend_Acl_Exception('$privilege parameter may not be null');
1014  }
1015 
1016  $dfs = array(
1017  'visited' => array(),
1018  'stack' => array()
1019  );
1020 
1021  if (null !== ($result = $this->_roleDFSVisitOnePrivilege($role, $resource, $privilege, $dfs))) {
1022  return $result;
1023  }
1024 
1025  while (null !== ($role = array_pop($dfs['stack']))) {
1026  if (!isset($dfs['visited'][$role->getRoleId()])) {
1027  if (null !== ($result = $this->_roleDFSVisitOnePrivilege($role, $resource, $privilege, $dfs))) {
1028  return $result;
1029  }
1030  }
1031  }
1032 
1033  return null;
1034  }
1035 
1052  $privilege = null, &$dfs = null)
1053  {
1054  if (null === $privilege) {
1058  #require_once 'Zend/Acl/Exception.php';
1059  throw new Zend_Acl_Exception('$privilege parameter may not be null');
1060  }
1061 
1062  if (null === $dfs) {
1066  #require_once 'Zend/Acl/Exception.php';
1067  throw new Zend_Acl_Exception('$dfs parameter may not be null');
1068  }
1069 
1070  if (null !== ($ruleTypeOnePrivilege = $this->_getRuleType($resource, $role, $privilege))) {
1071  return self::TYPE_ALLOW === $ruleTypeOnePrivilege;
1072  } else if (null !== ($ruleTypeAllPrivileges = $this->_getRuleType($resource, $role, null))) {
1073  return self::TYPE_ALLOW === $ruleTypeAllPrivileges;
1074  }
1075 
1076  $dfs['visited'][$role->getRoleId()] = true;
1077  foreach ($this->_getRoleRegistry()->getParents($role) as $roleParentId => $roleParent) {
1078  $dfs['stack'][] = $roleParent;
1079  }
1080 
1081  return null;
1082  }
1083 
1106  $privilege = null)
1107  {
1108  // get the rules for the $resource and $role
1109  if (null === ($rules = $this->_getRules($resource, $role))) {
1110  return null;
1111  }
1112 
1113  // follow $privilege
1114  if (null === $privilege) {
1115  if (isset($rules['allPrivileges'])) {
1116  $rule = $rules['allPrivileges'];
1117  } else {
1118  return null;
1119  }
1120  } else if (!isset($rules['byPrivilegeId'][$privilege])) {
1121  return null;
1122  } else {
1123  $rule = $rules['byPrivilegeId'][$privilege];
1124  }
1125 
1126  // check assertion first
1127  if ($rule['assert']) {
1128  $assertion = $rule['assert'];
1129  $assertionValue = $assertion->assert(
1130  $this,
1131  ($this->_isAllowedRole instanceof Zend_Acl_Role_Interface) ? $this->_isAllowedRole : $role,
1132  ($this->_isAllowedResource instanceof Zend_Acl_Resource_Interface) ? $this->_isAllowedResource : $resource,
1133  $this->_isAllowedPrivilege
1134  );
1135  }
1136 
1137  if (null === $rule['assert'] || $assertionValue) {
1138  return $rule['type'];
1139  } else if (null !== $resource || null !== $role || null !== $privilege) {
1140  return null;
1141  } else if (self::TYPE_ALLOW === $rule['type']) {
1142  return self::TYPE_DENY;
1143  } else {
1144  return self::TYPE_ALLOW;
1145  }
1146  }
1147 
1162  $create = false)
1163  {
1164  // create a reference to null
1165  $null = null;
1166  $nullRef =& $null;
1167 
1168  // follow $resource
1169  do {
1170  if (null === $resource) {
1171  $visitor =& $this->_rules['allResources'];
1172  break;
1173  }
1174  $resourceId = $resource->getResourceId();
1175  if (!isset($this->_rules['byResourceId'][$resourceId])) {
1176  if (!$create) {
1177  return $nullRef;
1178  }
1179  $this->_rules['byResourceId'][$resourceId] = array();
1180  }
1181  $visitor =& $this->_rules['byResourceId'][$resourceId];
1182  } while (false);
1183 
1184 
1185  // follow $role
1186  if (null === $role) {
1187  if (!isset($visitor['allRoles'])) {
1188  if (!$create) {
1189  return $nullRef;
1190  }
1191  $visitor['allRoles']['byPrivilegeId'] = array();
1192  }
1193  return $visitor['allRoles'];
1194  }
1195  $roleId = $role->getRoleId();
1196  if (!isset($visitor['byRoleId'][$roleId])) {
1197  if (!$create) {
1198  return $nullRef;
1199  }
1200  $visitor['byRoleId'][$roleId]['byPrivilegeId'] = array();
1201  $visitor['byRoleId'][$roleId]['allPrivileges'] = array('type' => null, 'assert' => null);
1202  }
1203  return $visitor['byRoleId'][$roleId];
1204  }
1205 
1206 
1211  public function getRegisteredRoles()
1212  {
1213  trigger_error('The method getRegisteredRoles() was deprecated as of '
1214  . 'version 1.0, and may be removed. You\'re encouraged '
1215  . 'to use getRoles() instead.');
1216 
1217  return $this->_getRoleRegistry()->getRoles();
1218  }
1219 
1228  public function getRoles()
1229  {
1230  return array_keys($this->_getRoleRegistry()->getRoles());
1231  }
1232 
1236  public function getResources()
1237  {
1238  return array_keys($this->_resources);
1239  }
1240 
1241 }
1242 
$_rules
Definition: Acl.php:115
_getRoleRegistry()
Definition: Acl.php:907
removeDeny($roles=null, $resources=null, $privileges=null)
Definition: Acl.php:549
const TYPE_ALLOW
Definition: Acl.php:64
$_roleRegistry
Definition: Acl.php:86
& _getRules(Zend_Acl_Resource_Interface $resource=null, Zend_Acl_Role_Interface $role=null, $create=false)
Definition: Acl.php:1161
isAllowed($role=null, $resource=null, $privilege=null)
Definition: Acl.php:827
const OP_ADD
Definition: Acl.php:74
$_isAllowedPrivilege
Definition: Acl.php:108
$_isAllowedResource
Definition: Acl.php:103
getResources()
Definition: Acl.php:1236
_roleDFSAllPrivileges(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource=null)
Definition: Acl.php:926
const TYPE_DENY
Definition: Acl.php:69
add(Zend_Acl_Resource_Interface $resource, $parent=null)
Definition: Acl.php:341
$resource
Definition: bulk.php:12
const OP_REMOVE
Definition: Acl.php:79
removeAll()
Definition: Acl.php:481
$type
Definition: item.phtml:13
$_isAllowedRole
Definition: Acl.php:98
removeRoleAll()
Definition: Acl.php:256
$_resources
Definition: Acl.php:93
inheritsRole($role, $inherit, $onlyParents=false)
Definition: Acl.php:208
hasRole($role)
Definition: Acl.php:188
deny($roles=null, $resources=null, $privileges=null, Zend_Acl_Assert_Interface $assert=null)
Definition: Acl.php:521
removeRole($role)
Definition: Acl.php:222
$roleId
Definition: webapi_user.php:22
addResource($resource, $parent=null)
Definition: Acl.php:283
_roleDFSVisitOnePrivilege(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource=null, $privilege=null, &$dfs=null)
Definition: Acl.php:1051
removeAllow($roles=null, $resources=null, $privileges=null)
Definition: Acl.php:535
getRole($role)
Definition: Acl.php:174
inherits($resource, $inherit, $onlyParent=false)
Definition: Acl.php:405
setRule($operation, $type, $roles=null, $resources=null, $privileges=null, Zend_Acl_Assert_Interface $assert=null)
Definition: Acl.php:606
_roleDFSVisitAllPrivileges(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource=null, &$dfs=null)
Definition: Acl.php:962
allow($roles=null, $resources=null, $privileges=null, Zend_Acl_Assert_Interface $assert=null)
Definition: Acl.php:506
_getRuleType(Zend_Acl_Resource_Interface $resource=null, Zend_Acl_Role_Interface $role=null, $privilege=null)
Definition: Acl.php:1105
getRegisteredRoles()
Definition: Acl.php:1211
getRoles()
Definition: Acl.php:1228
has($resource)
Definition: Acl.php:379
addRole($role, $parents=null)
Definition: Acl.php:148
_roleDFSOnePrivilege(Zend_Acl_Role_Interface $role, Zend_Acl_Resource_Interface $resource=null, $privilege=null)
Definition: Acl.php:1005