Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /**
- * Excerpt from my ACL implementation based on registries for roles, resources
- * and rules. Allows easy registry swapping (database, ...) and supports multiple
- * role and resource inheritance
- */
- public function isAllowed($role = null, $resource = null, $privilege = null)
- {
- $roles = array();
- array_push($roles, null);
- if ($role !== null)
- array_push($roles, $this->getRole($role));
- $resources = array();
- if ($resource !== null)
- $resource = $this->getResource($resource);
- do {
- $currentRole = array_pop($roles);
- array_push($resources, null);
- if ($resource !== null)
- array_push($resources, $resource);
- do {
- $currentResource = array_pop($resources);
- foreach (array($privilege, null) as $currentPrivilege) {
- if (!$this->hasRule(null, $currentRole, $currentResource, $currentPrivilege))
- continue;
- $rule = $this->getRule(null, $currentRole, $currentResource, $currentPrivilege);
- if ($rule->assert($this, $role, $resource, $privilege))
- return ($rule->getType() === Example_Acl_Rule::TYPE_ALLOW);
- }
- if ($currentResource === null)
- break;
- foreach ($this->getResourceParents($currentResource) as $currentResourceParent)
- array_push($resources, $currentResourceParent);
- } while (true);
- if ($currentRole === null)
- break;
- foreach ($this->getRoleParents($currentRole) as $currentRoleParent)
- array_push($roles, $currentRoleParent);
- } while (true);
- return false;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement