AclControllerPlugin

gistfile1.php

<?php
/**
 * WebPatterns (http://webpatterns.com.br/)
 *
 * @copyright Copyright (c) 2014-2014. (http://www.webpatterns.com.br)
 * @license   http://webpatterns.com.br/license
 */

namespace WPAcl\Plugin;

use Zend\Mvc\Controller\Plugin\AbstractPlugin;
use Zend\Mvc\MvcEvent;

class AclControllerPlugin extends AbstractPlugin
{
    public function preDispatch(MvcEvent $e)
    {
        /**
         * @var $controller \Zend\Mvc\Controller\AbstractController
         */
        $controller = $e->getTarget();

        if ($controller->identity() === null) {
            $controller->flashMessenger()->addInfoMessage('Você foi desconectado');
            return $controller->redirect()->toRoute('auth', array('controller' => 'auth', 'action' => 'login'));
        }

        $role = $controller->identity()->getRole()->getName();
        /**
         * @var $acl \WPAcl\Acl\PermissionControl
         */
        $acl = $controller->getServiceLocator()->get('acl.permission.control');

        $routeMatch = $e->getRouteMatch();
        $controller = $routeMatch->getParam('controller');
        $action     = $routeMatch->getParam('action');

        if(!$acl->hasResource($controller)){
            throw new \Exception('Resource ' . $controller . ' not defined');
        }

        if (!$acl->isAllowed($role, $controller, $action)) {
            return $controller->redirect()->toRoute('home', array('controller' => 'home', 'action' => 'index'));
        }
    }

}