API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 4th, 2010
307
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.22 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. class Application_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract {
  3.     const UNAUTHORIZED_ACCESS = 'UNAUTHORIZED_ACCESS';
  4.  
  5.     // at first i tried routeStartup by that will mean controller and actions will be unknown
  6.     function preDispatch(Zend_Controller_Request_Abstract $req) {
  7.         // get role from Zend_Auth, if not logged in, use 'guest'
  8.         $auth = Zend_Auth::getInstance();
  9.         if ($auth->hasIdentity()) {
  10.             $role = $auth->getIdentity();
  11.         } else {
  12.             $role = 'guest';
  13.         }
  14.        
  15.         // get ACL
  16.         $acl = Zend_Registry::get('aclWrapper');
  17.        
  18.         // set resource & privilege based on controller & action
  19.         $resource = $req->getControllerName();
  20.         $privilege = $req->getActionName();
  21.  
  22.         // "plugin": modify resource if is isset
  23.         $id = $req->getParam('id');
  24.         if (!empty($id)) {
  25.             $em = Zend_Registry::get('em');
  26.             switch ($resource) {
  27.                 case 'posts':
  28.                     $post = $em->getRepository('Application\\Models\\Post')
  29.                                ->findOneById($id);
  30.                     if (!empty($post)) {
  31.                         $resource = $post;
  32.                     }  
  33.                     break;
  34.                 case 'users':
  35.                     $user = $em->getRepository('Application\\Models\\User')
  36.                                ->findOneById($id);
  37.                     if (!empty($user)) {
  38.                         $resource = $user;
  39.                     }
  40.                     break;
  41.             }          
  42.         }
  43.  
  44.         if (!$acl->isAllowed($role, $resource, $privilege)) {
  45.             $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
  46.             if (!$auth->hasIdentity()) {
  47.                 // login required
  48.                 $flashMessenger = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
  49.                 $flashMessenger->addMessage('You need to login first');
  50.                 $redirector->gotoSimple('login', 'auth', 'default', array(
  51.                                     'returnUrl' => urlencode($req->getRequestUri())
  52.                                     ));
  53.                
  54.             } else {
  55.                 // not enough privilege
  56.                 $error = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS);
  57.                 $error->type = self::UNAUTHORIZED_ACCESS;
  58.                 $error->request = clone $req;
  59.                 $error->exception = new Zend_Acl_Exception('Access Denied', 403);
  60.                 $req->setControllerName('error')
  61.                     ->setActionName('error')
  62.                     ->setParams(array(
  63.                         'error_handler' => $error,
  64.                         'returnUrl' => urlencode($req->getRequestUri())
  65.                     ))
  66.                     ->setDispatched(false);
  67.             }
  68.         }
  69.     }
  70. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!