File code/core/Mage/Api2/Model/Acl/Global/Rule/ResourcePermission.php

  1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Api2
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * API2 Global ACL role resources permissions model
 29:  *
 30:  * @category    Mage
 31:  * @package     Mage_Api2
 32:  * @author      Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Api2_Model_Acl_Global_Rule_ResourcePermission
 35:     implements Mage_Api2_Model_Acl_PermissionInterface
 36: {
 37:     /**
 38:      * Resources permissions
 39:      *
 40:      * @var array
 41:      */
 42:     protected $_resourcesPermissions;
 43: 
 44:     /**
 45:      * Role
 46:      *
 47:      * @var Mage_Api2_Model_Acl_Global_Role
 48:      */
 49:     protected $_role;
 50: 
 51:     /**
 52:      * Get resources permissions for selected role
 53:      *
 54:      * @return array
 55:      */
 56:     public function getResourcesPermissions()
 57:     {
 58:         if (null === $this->_resourcesPermissions) {
 59:             $roleConfigNodeName = $this->_role->getConfigNodeName();
 60:             $rulesPairs = array();
 61:             $allowedType = Mage_Api2_Model_Acl_Global_Rule_Permission::TYPE_ALLOW;
 62: 
 63:             if ($this->_role) {
 64:                 /** @var $rules Mage_Api2_Model_Resource_Acl_Global_Rule_Collection */
 65:                 $rules = Mage::getResourceModel('api2/acl_global_rule_collection');
 66:                 $rules->addFilterByRoleId($this->_role->getId());
 67: 
 68:                 /** @var $rule Mage_Api2_Model_Acl_Global_Rule */
 69:                 foreach ($rules as $rule) {
 70:                     $resourceId = $rule->getResourceId();
 71:                     $rulesPairs[$resourceId]['privileges'][$roleConfigNodeName][$rule->getPrivilege()] = $allowedType;
 72:                 }
 73:             } else {
 74:                 //make resource "all" as default for new item
 75:                 $rulesPairs = array(Mage_Api2_Model_Acl_Global_Rule::RESOURCE_ALL => $allowedType);
 76:             }
 77: 
 78:             //set permissions to resources
 79:             /** @var $config Mage_Api2_Model_Config */
 80:             $config = Mage::getModel('api2/config');
 81:             /** @var $privilegeSource Mage_Api2_Model_Acl_Global_Rule_Privilege */
 82:             $privilegeSource = Mage::getModel('api2/acl_global_rule_privilege');
 83:             $privileges = array_keys($privilegeSource->toArray());
 84: 
 85:             /** @var $node Varien_Simplexml_Element */
 86:             foreach ($config->getResources() as $resourceType => $node) {
 87:                 $resourceId = (string)$resourceType;
 88:                 $allowedRoles = (array)$node->privileges;
 89:                 $allowedPrivileges = array();
 90:                 if (isset($allowedRoles[$roleConfigNodeName])) {
 91:                     $allowedPrivileges = $allowedRoles[$roleConfigNodeName];
 92:                 }
 93:                 foreach ($privileges as $privilege) {
 94:                     if (empty($allowedPrivileges[$privilege])
 95:                         && isset($rulesPairs[$resourceId][$roleConfigNodeName]['privileges'][$privilege])
 96:                     ) {
 97:                         unset($rulesPairs[$resourceId][$roleConfigNodeName]['privileges'][$privilege]);
 98:                     } elseif (!empty($allowedPrivileges[$privilege])
 99:                         && !isset($rulesPairs[$resourceId][$roleConfigNodeName]['privileges'][$privilege])
100:                     ) {
101:                         $deniedType = Mage_Api2_Model_Acl_Global_Rule_Permission::TYPE_DENY;
102:                         $rulesPairs[$resourceId]['privileges'][$roleConfigNodeName][$privilege] = $deniedType;
103:                     }
104:                 }
105:             }
106:             $this->_resourcesPermissions = $rulesPairs;
107:         }
108:         return $this->_resourcesPermissions;
109:     }
110: 
111:     /**
112:      * Set filter value
113:      *
114:      * @param Mage_Api2_Model_Acl_Global_Role $role
115:      */
116:     public function setFilterValue($role)
117:     {
118:         if ($role && $role->getId()) {
119:             $this->_role = $role;
120:         }
121:     }
122: }
123:
Packages

Classes

Interfaces

Exceptions
