Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class App_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
- {
- protected $_auth = null;
- protected $_acl = null;
- public function __construct()
- {
- // get the zend auth instance and the acl service
- $this->_auth = Zend_Auth::getInstance();
- $this->_acl = new Service_Acl();
- // save acl in registry so we can use it in navigation
- Zend_Registry::set('acl', $this->_acl);
- }
- public function preDispatch(Zend_Controller_Request_Abstract $request)
- {
- // set a standard resource
- $role = 'Guest';
- // if we have identity, get the role name from identity
- if($this->_auth->hasIdentity()) {
- $role = $this->_auth->getIdentity()->Role->name;
- }
- // generate a resource from the requested module and controller
- $resource = $request->getModuleName() . ':' . $request->getControllerName();
- // lets see if the resource exists
- if(!$this->_acl->has($resource)) {
- // if not set it to null so we dont get : as a resource
- $resource = null;
- }
- // check if we are allowed to the specific resource and action
- if(!$this->_acl->isAllowed($role, $resource, $request->getActionName())) {
- // if we dont have an identity, redirect to login
- if(!$this->_auth->hasIdentity()) {
- $request->setModuleName('auth')
- ->setControllerName('index')
- ->setActionName('login');
- } else {
- // but if we DO have, redirect to denied
- $request->setModuleName('auth')
- ->setControllerName('index')
- ->setActionName('denied');
- }
- }
- }
- }
Add Comment
Please, Sign In to add comment