<?php
namespace App\Libraries;
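class Acl {
    /**
     * Access rules, read from the `acl` property of the App\Config\Acl config.
     *
     * As used by this class: the first-level key is either a full URN
     * (e.g. "admin/users/add") or a section wildcard (e.g. "admin/*"); the value
     * is an array keyed by group name/ID whose truthy entries grant access.
     * isPublic() additionally reads index 0 of a rule as a "public" marker.
     *
     * @var array
     */
    private $_rules = [];

    /**
     * Group names/IDs that bypass the rule lookup entirely, read from the
     * `alwaysAllowed` property of the App\Config\Acl config.
     *
     * @var array
     */
    private $_alwaysAllowed = [];

    /**
     * Load the rule table and the always-allowed list from configuration.
     *
     * A missing or malformed config leaves both lists empty, so every
     * isAllowed() check is denied rather than failing open.
     */
    public function __construct() {
        $config = config('App\\Config\\Acl');

        $this->_rules = (isset($config->acl) && is_array($config->acl))
            ? $config->acl
            : [];
        $this->_alwaysAllowed = (isset($config->alwaysAllowed) && is_array($config->alwaysAllowed))
            ? $config->alwaysAllowed
            : [];
    }

    /**
     * Verify if a given path is allowed or not.
     *
     * Lookup order: always-allowed list, then the section wildcard rule
     * ("<first segment>/*"), then the exact URN rule. When a section wildcard
     * rule exists, the exact URN rule is NOT consulted. Anything that matches
     * no rule is denied.
     *
     * @param String $urn - Required. The Uniform Resource Name e.g.: admin/users/add
     * @param String $group - Required. Group names or ID. e.g.: admin,group1,group2,group3,1,2,3...
     * @return Boolean
     */
    public function isAllowed($urn, $group) {
        // Deny anything that is not a plain group/URN value. With PHP's loose
        // comparison, a boolean TRUE would otherwise equal every non-empty
        // entry of the always-allowed list and be granted access.
        if (!(is_string($group) || is_int($group)) || !is_string($urn)) {
            return FALSE;
        }
        $group = (string) $group;

        // Check if the group is in the Always Allowed list. Both sides are
        // compared as strings with strict matching, so "1" still matches a
        // configured ID 1 but type juggling cannot produce a match.
        // NOTE(review): the whole $group value is compared here, so a
        // comma-separated list that merely contains an always-allowed group
        // does not match - confirm this is intended.
        if (in_array($group, array_map('strval', $this->_alwaysAllowed), TRUE)) {
            return TRUE;
        }

        $segments = explode('/', $urn);
        $sectionKey = $segments[0] . '/*';

        // A rule for the WHOLE section (e.g. welcome/*) takes precedence.
        if (isset($this->_rules[$sectionKey])) {
            return $this->anyGroupGranted($this->_rules[$sectionKey], $group);
        }

        // Otherwise fall back to a rule for the exact path.
        if (isset($this->_rules[$urn])) {
            return $this->anyGroupGranted($this->_rules[$urn], $group);
        }

        // If the given path has no rule, deny.
        return FALSE;
    }

    /**
     * Tell whether at least one group of a comma-separated list has a truthy
     * entry in the given rule.
     *
     * The group is used directly as the array key, so a numeric ID such as "1"
     * resolves to the same key the rule was defined with, and an unknown
     * group is simply "not granted" instead of an undefined-index notice.
     *
     * @param mixed $rule Rule entry taken from the rule table.
     * @param string $groupList Comma-separated group names or IDs.
     * @return bool
     */
    private function anyGroupGranted($rule, string $groupList): bool {
        if (!is_array($rule)) {
            return FALSE;
        }

        foreach (explode(',', $groupList) as $candidate) {
            if (!empty($rule[$candidate])) {
                return TRUE;
            }
        }

        return FALSE;
    }

    /**
     * Verify exclusively if the given path is public to read.
     *
     * Only the exact URN rule is inspected (no section wildcard): the path is
     * public when index 0 of its rule is the string "public", in any letter case.
     *
     * @param String $urn - Required.
     * @return Boolean
     */
    public function isPublic($urn)
    {
        if (!(is_string($urn) || is_int($urn)) || !isset($this->_rules[$urn][0])) {
            return FALSE;
        }

        $marker = $this->_rules[$urn][0];

        // Require a real string before lower-casing: a non-string marker is
        // never treated as public.
        return is_string($marker) && strtolower($marker) === 'public';
    }
}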
// class
/* End of file Acl.php */
/* Location: ./application/libraries/Acl.php */