/**
 * Excerpt from my ACL implementation based on registries for roles, resources
 * and rules. Allows easy registry swapping (database, ...) and supports multiple
 * role and resource inheritance.
 *
 * Decides whether a role may use a privilege on a resource. The result is
 * default-deny: if no rule matches, or every matching rule's assertion fails,
 * the method returns false.
 *
 * Lookup order (the first rule whose assert() passes decides the outcome):
 *   1. roles: the given role, then its ancestors depth-first, then the null role;
 *   2. for each role, resources: the given resource, then its ancestors
 *      depth-first, then the null resource;
 *   3. for each role/resource pair: the requested privilege, then the null
 *      privilege.
 * Parents are pushed onto a stack and popped from the end, so the LAST parent
 * returned by getRoleParents()/getResourceParents() is examined first.
 *
 * NOTE(review): null presumably acts as "any role / any resource / any
 * privilege" in the rule registry; confirm against hasRule()/getRule().
 * NOTE(review): this method keeps no visited set, so it presumably relies on
 * the registries rejecting cyclic inheritance; otherwise the traversal would
 * not terminate. Confirm where cycles are prevented.
 *
 * @param mixed $role      Role identifier passed to getRole(), or null.
 * @param mixed $resource  Resource identifier passed to getResource(), or null.
 * @param mixed $privilege Privilege to check, or null.
 *
 * @return bool True only when the deciding rule has type
 *              Example_Acl_Rule::TYPE_ALLOW; false otherwise.
 */
public function isAllowed($role = null, $resource = null, $privilege = null)
{
    // Role work stack. The null entry sits at the bottom, so it is popped last.
    $pendingRoles = array(null);
    if ($role !== null) {
        $pendingRoles[] = $this->getRole($role);
    }

    $pendingResources = array();
    if ($resource !== null) {
        // From here on $resource holds whatever getResource() returned.
        $resource = $this->getResource($resource);
    }

    while (true) {
        $activeRole = array_pop($pendingRoles);

        // Restart the resource walk for every role: null at the bottom,
        // the requested resource on top.
        $pendingResources[] = null;
        if ($resource !== null) {
            $pendingResources[] = $resource;
        }

        while (true) {
            $activeResource = array_pop($pendingResources);

            // Requested privilege first, then the null privilege. When
            // $privilege is already null, the same lookup runs twice.
            foreach (array($privilege, null) as $candidatePrivilege) {
                if ($this->hasRule(null, $activeRole, $activeResource, $candidatePrivilege)) {
                    $matchedRule = $this->getRule(null, $activeRole, $activeResource, $candidatePrivilege);

                    // The assertion receives the caller's original $role argument
                    // but the resolved $resource.
                    // NOTE(review): confirm that this asymmetry is intended.
                    if ($matchedRule->assert($this, $role, $resource, $privilege)) {
                        // First passing rule wins: allow only for TYPE_ALLOW.
                        return $matchedRule->getType() === Example_Acl_Rule::TYPE_ALLOW;
                    }
                }
            }

            // Popping null ends the resource walk for this role.
            if ($activeResource === null) {
                break;
            }

            foreach ($this->getResourceParents($activeResource) as $parentResource) {
                $pendingResources[] = $parentResource;
            }
        }

        // Popping null ends the role walk.
        if ($activeRole === null) {
            break;
        }

        foreach ($this->getRoleParents($activeRole) as $parentRole) {
            $pendingRoles[] = $parentRole;
        }
    }

    // No rule decided the request: deny.
    return false;
}