Permalink
Browse files

Merge branch 'feature/acl-interface' of https://github.com/extr3m0/zf2

…into feature/2374
  • Loading branch information...
2 parents bf65e9a + ab9a46a commit 465ca3819225e1455fca0af12917b66418d903ac @weierophinney weierophinney committed Sep 18, 2012
@@ -15,7 +15,7 @@
* @package Zend_Permissions
* @subpackage Acl
*/
-class Acl
+class Acl implements AclInterface
{
/**
* Rule type: allow
@@ -0,0 +1,57 @@
+<?php
+/**
+ * Zend Framework (http://framework.zend.com/)
+ *
+ * @link http://github.com/zendframework/zf2 for the canonical source repository
+ * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license http://framework.zend.com/license/new-bsd New BSD License
+ * @package Zend_Permissions
+ */
+
+namespace Zend\Permissions\Acl;
+
+/**
+ * @category Zend
+ * @package Zend_Permissions
+ * @subpackage Acl
+ */
+interface AclInterface
+{
+ /**
+ * Returns true if and only if the Resource exists in the ACL
+ *
+ * The $resource parameter can either be a Resource or a Resource identifier.
+ *
+ * @param Resource\ResourceInterface|string $resource
+ * @return boolean
+ */
+ public function hasResource($resource);
+
+ /**
+ * Returns true if and only if the Role has access to the Resource
+ *
+ * The $role and $resource parameters may be references to, or the string identifiers for,
+ * an existing Resource and Role combination.
+ *
+ * If either $role or $resource is null, then the query applies to all Roles or all Resources,
+ * respectively. Both may be null to query whether the ACL has a "blacklist" rule
+ * (allow everything to all). By default, Zend_Acl creates a "whitelist" rule (deny
+ * everything to all), and this method would return false unless this default has
+ * been overridden (i.e., by executing $acl->allow()).
+ *
+ * If a $privilege is not provided, then this method returns false if and only if the
+ * Role is denied access to at least one privilege upon the Resource. In other words, this
+ * method returns true if and only if the Role is allowed all privileges on the Resource.
+ *
+ * This method checks Role inheritance using a depth-first traversal of the Role registry.
+ * The highest priority parent (i.e., the parent most recently added) is checked first,
+ * and its respective parents are checked similarly before the lower-priority parents of
+ * the Role are checked.
+ *
+ * @param Role\RoleInterface|string $role
+ * @param Resource\ResourceInterface|string $resource
+ * @param string $privilege
+ * @return boolean
+ */
+ public function isAllowed($role = null, $resource = null, $privilege = null);
+}
@@ -69,7 +69,7 @@
/**
* ACL to use when iterating pages
*
- * @var Acl\Acl
+ * @var Acl\AclInterface
*/
protected $acl;
@@ -119,7 +119,7 @@
* Default ACL to use when iterating pages if not explicitly set in the
* instance by calling {@link setAcl()}
*
- * @var Acl\Acl
+ * @var Acl\AclInterface
*/
protected static $defaultAcl;
@@ -316,10 +316,10 @@ public function getIndent()
*
* Implements {@link HelperInterface::setAcl()}.
*
- * @param Acl\Acl $acl [optional] ACL object. Default is null.
+ * @param Acl\AclInterface $acl [optional] ACL object. Default is null.
* @return AbstractHelper fluent interface, returns self
*/
- public function setAcl(Acl\Acl $acl = null)
+ public function setAcl(Acl\AclInterface $acl = null)
{
$this->acl = $acl;
return $this;
@@ -331,7 +331,7 @@ public function setAcl(Acl\Acl $acl = null)
*
* Implements {@link HelperInterface::getAcl()}.
*
- * @return Acl\Acl|null ACL object or null
+ * @return Acl\AclInterface|null ACL object or null
*/
public function getAcl()
{
@@ -844,11 +844,11 @@ protected function normalizeId($value)
/**
* Sets default ACL to use if another ACL is not explicitly set
*
- * @param Acl\Acl $acl [optional] ACL object. Default is null, which
+ * @param Acl\AclInterface $acl [optional] ACL object. Default is null, which
* sets no ACL object.
* @return void
*/
- public static function setDefaultAcl(Acl\Acl $acl = null)
+ public static function setDefaultAcl(Acl\AclInterface $acl = null)
{
self::$defaultAcl = $acl;
}
@@ -45,16 +45,16 @@ public function getContainer();
/**
* Sets ACL to use when iterating pages
*
- * @param Acl\Acl $acl [optional] ACL instance
+ * @param Acl\AclInterface $acl [optional] ACL instance
* @return HelperInterface fluent interface, returns self
*/
- public function setAcl(Acl\Acl $acl = null);
+ public function setAcl(Acl\AclInterface $acl = null);
/**
* Returns ACL or null if it isn't set using {@link setAcl()} or
* {@link setDefaultAcl()}
*
- * @return Acl\Acl|null ACL object or null
+ * @return Acl\AclInterface|null ACL object or null
*/
public function getAcl();

0 comments on commit 465ca38

Please sign in to comment.