HCE Project DC service web UI  0.2
Hierarchical Cluster Engine DC service web UI
RightsFilter.php
1 <?php
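/**
 * Controller filter that authorizes the current web user for the requested
 * controller action before the action runs.
 *
 * An action is let through when one of the following holds:
 *  - the allow-list is the wildcard '*' (no check for any action);
 *  - the action id is on the allow-list (exact, case-sensitive match);
 *  - the user is granted "<Module.>Controller.*";
 *  - the user is granted "<Module.>Controller.Action".
 * Anything else is denied through the controller's accessDenied() method.
 *
 * Security note: allow-listed actions skip the authorization check entirely,
 * so keep the list as small as possible and reserve '*' for controllers that
 * are meant to be public.
 */
class RightsFilter extends CFilter
{
    /**
     * @var array|string action ids that bypass the authorization check,
     * or the string '*' to bypass it for every action.
     */
    protected $_allowedActions = array();

    /**
     * Runs the authorization check before the action is executed.
     *
     * @param CFilterChain $filterChain the filter chain the filter is on;
     * its controller and action properties are read here.
     * @return boolean true to continue with the action, false when access
     * was denied (accessDenied() has then already been called).
     */
    protected function preFilter($filterChain)
    {
        $user = Yii::app()->getUser();
        $controller = $filterChain->controller;
        $action = $filterChain->action;

        // Decide the bypass with a positive test. Comparing the result of
        // in_array() with "=== false" fails open on PHP versions where
        // in_array() warns and returns null for a non-array haystack: the
        // authorization check would be skipped if the allow-list were ever
        // anything but an array. The third argument makes the match strict,
        // so numeric-looking ids such as "10" and "1e1" are not treated as
        // the same action.
        $bypass = $this->_allowedActions === '*'
            || (is_array($this->_allowedActions)
                && in_array($action->id, $this->_allowedActions, true));

        if ($bypass) {
            return true;
        }

        // Build the authorization item name: "Module.Controller" when the
        // controller belongs to a module, "Controller" otherwise.
        $authItem = '';
        if (($module = $controller->getModule()) !== null) {
            $authItem .= ucfirst($module->id).'.';
        }
        $authItem .= ucfirst($controller->id);

        // A controller-level grant covers every action of the controller.
        // Only a strict boolean true counts as a grant.
        if ($user->checkAccess($authItem.'.*') === true) {
            return true;
        }

        // Otherwise the user needs a grant for this specific action.
        $authItem .= '.'.ucfirst($action->id);
        if ($user->checkAccess($authItem) === true) {
            return true;
        }

        // Neither item granted access (this includes the case where
        // checkAccess() does not return true because the item is unknown):
        // deny and stop the filter chain.
        $controller->accessDenied();

        return false;
    }

    /**
     * Sets the actions that bypass the authorization check.
     *
     * @param string|array $allowedActions '*' for every action, a string of
     * action ids separated by commas and/or whitespace, or an array of
     * action ids. Any other value results in an empty allow-list, so every
     * action then goes through the authorization check.
     */
    public function setAllowedActions($allowedActions)
    {
        if ($allowedActions === '*') {
            $this->_allowedActions = '*';

            return;
        }

        if (is_array($allowedActions)) {
            // Keep only non-empty string ids so that the strict comparison
            // in preFilter() works on clean values.
            $ids = array();
            foreach ($allowedActions as $id) {
                if (is_string($id) && ($id = trim($id)) !== '') {
                    $ids[] = $id;
                }
            }
            $this->_allowedActions = $ids;

            return;
        }

        $ids = is_string($allowedActions)
            ? preg_split('/[\s,]+/', $allowedActions, -1, PREG_SPLIT_NO_EMPTY)
            : false;

        // preg_split() returns false on failure; fall back to an empty list
        // (fail closed) instead of storing a non-array value.
        $this->_allowedActions = is_array($ids) ? $ids : array();
    }
}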