  <?php

  

  use Phalcon\Events\Event,

      Phalcon\Mvc\User\Plugin,

      Phalcon\Mvc\Dispatcher,

      Phalcon\Acl;

  

      /**
       * Dispatcher plugin that answers "may the current role run this
       * controller/action?" from a Phalcon memory ACL.
       *
       * $this->persistent and $this->session are resolved through the Plugin
       * base class (presumably the DI container) — not visible in this file.
       */
      class security extends Plugin
      {
          /**
           * Returns the application ACL, building it on first use.
           *
           * The ACL is built once and kept in $this->persistent (the session-backed
           * bag, per the original author's comment). The isset() guard means a
           * session that already holds an ACL never re-runs this setup, so rule
           * changes only reach sessions that have not cached one yet.
           *
           * Rules encoded here:
           *   - default action is DENY;
           *   - roles Admin, Guests, User and Staff;
           *   - resource 'seo' (registered action 'index') is granted to Admin
           *     only, one explicit action at a time;
           *   - resource 'page' (registered actions index, login, logout) is
           *     granted to every role with the '*' wildcard, i.e. all of its
           *     actions, not only the three registered ones.
           *     NOTE(review): granting the registered action list instead of '*'
           *     would mirror the admin grant and tighten this to least privilege;
           *     left unchanged because the routes callers rely on are not visible.
           *
           * @return Acl\Adapter\Memory
           */
          public function getAcl()
          {
              if (isset($this->persistent->acl)) {
                  return $this->persistent->acl;
              }

              $acl = new Acl\Adapter\Memory();
              $acl->setDefaultAction(Acl::DENY);

              // The array keys are labels only; the Role name is what the ACL matches on.
              $roles = array(
                  'admin'  => new Acl\Role('Admin'),
                  'guests' => new Acl\Role('Guests'),
                  'user'   => new Acl\Role('User'),
                  'staff'  => new Acl\Role('Staff'),
              );
              foreach ($roles as $role) {
                  $acl->addRole($role);
              }

              // Private resources: resource name => registered actions.
              $adminResources = array(
                  'seo' => array('index'),
              );
              // Public resources: resource name => registered actions.
              $publicResources = array(
                  'page' => array('index', 'login', 'logout'),
              );

              $this->registerResources($acl, $adminResources);
              $this->registerResources($acl, $publicResources);

              // Every role may use the public resources. '*' is the wildcard for
              // all actions on the resource, not just the ones registered above.
              foreach ($roles as $role) {
                  foreach (array_keys($publicResources) as $resource) {
                      $acl->allow($role->getName(), $resource, '*');
                  }
              }

              // Admin gets the private resources, one explicit action per rule.
              foreach ($adminResources as $resource => $actions) {
                  foreach ($actions as $action) {
                      $acl->allow('Admin', $resource, $action);
                  }
              }

              // Cache in the session bag (the original author notes APC would do too).
              $this->persistent->acl = $acl;

              return $this->persistent->acl;
          }

          /**
           * Registers each resource of a "name => actions" map with the ACL.
           *
           * @param Acl\Adapter\Memory $acl
           * @param array              $resources resource name => list of action names
           * @return void
           */
          private function registerResources($acl, array $resources)
          {
              foreach ($resources as $name => $actions) {
                  $acl->addResource(new Acl\Resource($name), $actions);
              }
          }

          /**
           * Tells whether the current session's role may run the dispatched action.
           *
           * Meant to run before any action is executed (per the original docblock).
           * The role is read from the "user-status" session key; a missing or
           * falsy value is treated as 'Guests'. A value that is not one of the
           * registered role names is passed through as-is — what isAllowed() does
           * with an unknown role is up to the adapter, not decided here.
           *
           * NOTE(review): this only computes the answer. Whether a false result
           * actually stops the dispatch depends on how the caller wires this
           * method up, which is not visible in this file.
           *
           * @param Dispatcher $dispatcher
           * @return bool true when the ACL allows controller/action for the role
           */
          public function check(Dispatcher $dispatcher)
          {
              $controllerName = $dispatcher->getControllerName();
              $actionName = $dispatcher->getActionName();

              $acl = $this->getAcl();

              // ?: tests truthiness, matching the original if/else on the same value.
              $role = $this->session->get("user-status") ?: 'Guests';

              return (bool) $acl->isAllowed($role, $controllerName, $actionName);
          }
      }