_acl = $acl;
}
/**
* Here we only check for the basic action access permissions.
* In Monkeys_Controller_Action we check for more specific permissions
*/
public function preDispatch($request)
{
if (!Zend_Registry::get('config')->environment->installed
&& $request->getModuleName() != 'install'
&& $request->getControllerName() != 'error')
{
$request->setModuleName('install');
$request->setControllerName('index');
$request->setActionName('index');
return;
}
if (Zend_Registry::isRegistered('user')) {
// used by unit tests to inject the logged-in user
$user= Zend_Registry::get('user');
} else {
$auth = Zend_Auth::getInstance();
$users = new Users_Model_Users();
if ($auth->hasIdentity()) {
$user = $auth->getStorage()->read();
$user->init();
// reactivate row as live data
$user->setTable($users);
} else {
// guest user
$user = $users->createRow();
}
Zend_Registry::set('user', $user);
}
$resource = $request->getModuleName() . '_' . $request->getControllerName();
if (!$this->_acl->has($resource)) {
//echo "role: " . $user->role . " - resource: $resource - privilege: " . $request->getActionName() . "
\n";
throw new Monkeys_BadUrlException($this->getRequest()->getRequestUri());
}
// if an admin is not allowed for this action, then the action doesn't exist
if (!$this->_acl->isAllowed(Users_Model_User::ROLE_ADMIN, $resource, $request->getActionName())) {
//echo "role: " . $user->role . " - resource: $resource - privilege: " . $request->getActionName() . "
\n";
throw new Monkeys_BadUrlException($this->getRequest()->getRequestUri());
}
if (!$this->_acl->isAllowed($user->role, $resource, $request->getActionName())) {
//echo "role: " . $user->role . " - resource: $resource - privilege: " . $request->getActionName() . "
\n";
throw new Monkeys_AccessDeniedException();
}
}
}