Last active
December 13, 2015 19:48
Acl Implementado en ALEXA CMS
<?php | |
// Alexa/Acl.php | |
/**
 * Implementación de Zend_Acl
 *
 * Implementación estática de Zend_Acl hecha para cumplir con el propósito
 * del desarrollo.
 *
 */
// Se hace include al modelo donde se encuentran almacenados los Roles | |
include_once APPLICATION_PATH . '/models/Roles.php'; | |
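/**
 * Alexa_Acl
 *
 * Static access-control list for the application, built on Zend_Acl.
 * Roles come from Model_Roles; resources are the module names that
 * Alexa_Controller_Plugin_CheckAutorization passes to isAllowed().
 *
 * @author Eli Alejandro
 */
class Alexa_Acl extends Zend_Acl
{
    /**
     * Registers the roles, the module resources and the rules between them.
     *
     * Zend_Acl denies anything that no rule allows, so only the grants below
     * open access.
     */
    public function __construct()
    {
        // Roles. ADMIN inherits every GUEST permission; SUPERADMIN stands alone.
        // The parent must be named through Model_Roles: that is the class the
        // included models/Roles.php declares.
        $this->addRole(new Zend_Acl_Role(Model_Roles::GUEST))
             ->addRole(new Zend_Acl_Role(Model_Roles::ADMIN), Model_Roles::GUEST)
             ->addRole(new Zend_Acl_Role(Model_Roles::SUPERADMIN));

        // Resources. The authorization plugin queries isAllowed($role, $module),
        // and isAllowed() throws for a resource that was never registered, so
        // every module that can be routed to has to be added here.
        // NOTE(review): only 'site' and 'admin' appear in this code; register
        // any further module (for example a default module) the same way.
        $this->addResource(new Zend_Acl_Resource('site'))
             ->addResource(new Zend_Acl_Resource('admin'));

        // Public area: guests, and through inheritance admins.
        $this->allow(Model_Roles::GUEST, 'site');

        // Administration area: closed to everyone, then opened per role.
        $this->deny(null, 'admin');
        $this->allow(Model_Roles::ADMIN, 'admin');

        // SUPERADMIN may do everything. A rule attached to a specific resource
        // is consulted before a global one, so the deny on 'admin' above would
        // also shut SUPERADMIN out unless it is granted explicitly.
        $this->allow(Model_Roles::SUPERADMIN);
        $this->allow(Model_Roles::SUPERADMIN, 'admin');

        // Kept from the original rule set for backward compatibility. The third
        // argument of allow()/deny() is a privilege name, not a module, so
        // these rules only answer queries that pass 'site' or 'admin' as the
        // privilege; the module check in the plugin never consults them.
        $this->allow(Model_Roles::GUEST, null, array('site'));
        $this->allow(Model_Roles::ADMIN, null, array('admin'));
        $this->deny(Model_Roles::GUEST, null, array('admin'));
    }
}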
<?php | |
/** | |
* application/Bootstrap.php | |
*/ | |
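class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
{
    /**
     * Configures the database adapter and, in development only, attaches the
     * Firebug query profiler.
     *
     * The profiler reports the executed SQL statements and their duration to
     * the Firebug console in the browser, so it must stay disabled outside
     * development.
     *
     * @return void
     */
    protected function _initDatabaseProfiler()
    {
        // Make sure the "db" resource configured in application.ini is ready.
        $this->bootstrap('db');
        $db = $this->getResource('db');

        // Rows are returned as objects rather than arrays.
        $db->setFetchMode(Zend_Db::FETCH_OBJ);

        // Query text is sent to the client only when running in development.
        if ('development' === $this->getEnvironment()) {
            $profiler = new Zend_Db_Profiler_Firebug('All DB Queries');
            $profiler->setEnabled(true);
            $db->setProfiler($profiler);
        }
    }

    /**
     * Sets up access control: builds the ACL, resolves the role of the current
     * visitor and registers the plugin that enforces the ACL before dispatch.
     *
     * @return bool always true
     */
    public function _initAcl()
    {
        // The ACL and the plugin are the Alexa_* classes that ship with this
        // bootstrap (Alexa/Acl.php, Alexa/Controller/Plugin/CheckAutorization.php).
        $acl = new Alexa_Acl();
        Zend_Registry::set('acl', $acl);

        // Start from the least-privileged role and raise it only when the
        // authenticated identity carries a role the ACL actually knows. An
        // identity without a usable role is treated as a guest instead of
        // reaching isAllowed() with a null or unregistered role.
        // NOTE(review): the role is read from the stored identity, presumably
        // filled in at login; a role changed afterwards is not seen until the
        // identity is refreshed. Confirm this matches the revocation policy.
        $role = Model_Roles::GUEST;
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $identity = $auth->getIdentity();
            if (isset($identity->rol) && $acl->hasRole($identity->rol)) {
                $role = $identity->rol;
            }
        }
        Zend_Registry::set('role', $role);

        Zend_Controller_Front::getInstance()
            ->registerPlugin(new Alexa_Controller_Plugin_CheckAutorization());

        return true;
    }

    /**
     * Registers a Firebug-backed logger under the registry key "log".
     *
     * The key is only set in development, so code that reads it must cope
     * with the entry being absent in other environments.
     *
     * @return void
     */
    public function _initLogger()
    {
        if (APPLICATION_ENV === 'development') {
            $log = new Zend_Log(new Zend_Log_Writer_Firebug());
            Zend_Registry::set('log', $log);
        }
    }
}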
<?php | |
/** | |
* Alexa/Controller/Plugin/CheckAutorization.php | |
*/ | |
class Alexa_Controller_Plugin_CheckAutorization
    extends Zend_Controller_Plugin_Abstract
{
    /**
     * Enforces the ACL before a request is dispatched.
     *
     * The decision is made per module only: the resource handed to the ACL is
     * the request's module name, and controllers or actions inside a module
     * are not distinguished. The ACL and the role are taken from
     * Zend_Registry under the keys "acl" and "role".
     *
     * Zend_Acl::isAllowed() throws for a resource it does not know, so every
     * module that can be routed to must be registered in the ACL.
     *
     * @param Zend_Controller_Request_Abstract $request request about to be dispatched
     * @return void
     */
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $accessList  = Zend_Registry::get("acl");
        $currentRole = Zend_Registry::get("role");
        $loggedIn    = Zend_Auth::getInstance()->hasIdentity();

        // Allowed requests pass through untouched.
        if ($accessList->isAllowed($currentRole, $request->getModuleName())) {
            return;
        }

        // Anonymous visitor on a protected module: send to the login page.
        if (!$loggedIn) {
            Zend_Controller_Action_HelperBroker::getStaticHelper("redirector")
                ->gotoUrlAndExit("/login");
            // Backstop: never fall through to dispatch after a refused request.
            exit;
        }

        // Authenticated but not authorised: rewrite the request so the error
        // controller of the "site" module answers instead. The request stays
        // flagged as dispatched.
        $request->setActionName("no-autorized")
                ->setControllerName("error")
                ->setModuleName("site")
                ->setDispatched(true);
    }
}
<?php | |
/** | |
* application/models/Roles.php | |
*/ | |
class Model_Roles
{
    // Identifiers of the predefined roles. These strings are the role ids
    // used when roles are registered with the ACL.
    const SUPERADMIN = 'superadmin';
    const ADMIN      = 'admin';
    const GUEST      = 'guest';

    // Human-readable label for each role id.
    private static $_roles = array(
        self::SUPERADMIN => 'Super Administrador',
        self::ADMIN      => 'Administrador',
        self::GUEST      => 'Invitado',
    );

    /**
     * Returns the predefined roles.
     *
     * @return array map of role id to display label
     */
    public static function getRoles()
    {
        $labels = self::$_roles;

        return $labels;
    }
}