PHP ACL find controller inside namespace

I'm trying to setup ACL, and it works find.

But now i have a problem, becuase I use folders in my controllers to have more structer. It's all setup as a namespace like this:

Controllers\admin\index Controllers\frontpage\index

But if I set index to private, the index in frontpage AND admin is effected.. I only need admin.. I use Vokuro

This is my code:

Inside my ACL ( Just whats important )

    private $privateResources = array(
        'index' => array(
            'index' 
        )
    );

And in my ControllerBase

    $controllerName = $dispatcher->getControllerName();

        $this->acl->rebuild();

        // Only check permissions on private controllers
        if ($this->acl->isPrivate($controllerName)) {

            // Get the current identity
            $identity = $this->auth->getIdentity();

            // If there is no identity available the user is redirected to index/index
            if (!is_array($identity)) {

                $this->view->disable();
                echo 'No access.';
                return false;

            }
            // Check if the user have permission to the current option
            $actionName = $dispatcher->getActionName();

            if (!$this->acl->isAllowed($identity['rank'], $controllerName, $actionName)) {

                $this->flash->notice('You don\'t have access to this module: ' . $controllerName . ':' . $actionName);

                if ($this->acl->isAllowed($identity['rank'], $controllerName, 'index')) {
                    $dispatcher->forward(array(
                        'controller' => $controllerName,
                        'action' => 'index'
                    ));
                } else {
                    $this->view->disable();
                    $dispatcher->forward(array(
                        'controller' => 'index',
                        'action' => 'index'
                    ));
                }

                return false;
            }

        }

I know that this is alot of code, but I hope someone got the answer for me, thanks!



44.7k
edited Dec '15

Look at your post again to see how to highlight the PHP code.

I have a project that is a heavily modifed Vokuro setup. Here are some relevant files:

The namespaces of the module, controller and action combination are really separate from from the ACL list and the security permission check on it. After that check is successful in the Security. I'm using a security plugin that is added to he dispatcher.

edited Dec '15

Thanks for your answer. I found a solution by my self, your code looks greate, I just like how my code is now - So I did this:

    public function isPrivate($controllerName)
    {
        $controllerName = $controllerName;

        $getNamespace = substr(strrchr($controllerName,'\\'), 1);
        $namespace = substr($controllerName, 0, - strlen($getNamespace));
        $getController = preg_match("/[^\\\]+$/", $controllerName, $controller);

        $controllerName = $namespace.strtolower($controller[0]);

        return isset($this->privateResources[$controllerName]);
    }

EDIT: I can't set the code view to PHP?



44.7k

Add an extra line before the triple tilde.