rel #46123 : MenuGaucheAdmin display on factorised acls rules

b3fc75b4 · Patrick Barroca · 883c55b4 · b3fc75b4 · b3fc75b4 · b3fc75b4
Commit b3fc75b4 authored 8 years ago by Patrick Barroca
--- a/library/ZendAfi/Acl/AdminControllerGroup.php
+++ b/library/ZendAfi/Acl/AdminControllerGroup.php
@@ -21,6 +21,8 @@


 class ZendAfi_Acl_AdminControllerGroup {
+  protected static $_acl;
+
  protected
    $_mapping = ['formation' => Class_UserGroup::RIGHT_DIRIGER_FORMATION,
                 'catalogue' => [Class_UserGroup::RIGHT_USER_DOMAINES_SUPPRESSION_LIMIT,
@@ -29,24 +31,72 @@ class ZendAfi_Acl_AdminControllerGroup {
                 'modo' => Class_UserGroup::RIGHT_USER_MODO,
                 'modo/membreview' => Class_UserGroup::RIGHT_USER_INSCRIPTIONS,
                 'album' => Class_UserGroup::RIGHT_USER_BIB_NUM,
+                 'album/dilicom' => null, // do not handle by group
                 'bibnum' => Class_UserGroup::RIGHT_USER_BIB_NUM,
-                 'opds' => Class_UserGroup::RIGHT_USER_BIB_NUM,
+                 'opds' => Class_UserGroup::RIGHT_USER_OPDS_READ,
                 'oai' => Class_UserGroup::RIGHT_USER_BIB_NUM,
                 'frbr-link' => Class_UserGroup::RIGHT_USER_NOTICES_LIEES,
-    ];
+                 'users' => Class_UserGroup::RIGHT_USER_SIGB_USER_READ,
+    ],
+
+    $_activated = [];
+
+
+  public function __construct() {
+    $this->_activated =  ['formation' => Class_AdminVar::isFormationEnabled(),
+                          'album' => Class_AdminVar::isBibNumEnabled(),
+                          'oai' => Class_AdminVar::isBibNumEnabled(),
+                          'ead' => Class_AdminVar::isBibNumEnabled(),
+                          'harvest/arte-vod-browse' => Class_AdminVar::isArteVODEnabled(),
+                          'harvest/vodeclic-browse' => Class_AdminVar::isVodeclicEnabled(),
+                          'harvest/orphea-browse' => Class_AdminVar::isOrpheaEnabled(),
+                          'harvest/numerique-premium-browse' => Class_AdminVar::isNumeriquePremiumEnabled(),
+                          'harvest/numilog-browse' => Class_AdminVar::isNumilogEnabled(),
+                          'harvest/jamendo-browse' => Class_AdminVar::isJamendoEnabled(),
+                          'harvest/soundcloud' => Class_AdminVar::isSoundCloudEnabled(),
+                          'harvest/assimil-browse' => Class_AdminVar::isAssimilEnabled(),
+                          'sito/create' => Class_AdminVar::isSitoInAlbums(),
+                          'harvest/toutapprendre-browse' => Class_AdminVar::isToutApprendreEnabled(),
+                          'album/dilicom' => Class_AdminVar::isDilicomPNBEnabled(),
+                          'premier-chapitre' => Class_AdminVar::isPremierChapitreEnabled(),
+                          'i18n' => Class_AdminVar::isTranslationEnabled(),
+                          'stat/piwik' => (new Class_AdminVar_Piwik())->isEnabled(),
+                          'multimedia' => Class_AdminVar::isMultimediaEnabled()];
+  }


  public function isAllowed($user, $controller, $action) {
+    // activation checks
+    if (array_key_exists($controller.'/'.$action, $this->_activated)
+        && !$this->_activated[$controller.'/'.$action])
+      return false;
+
+    if (array_key_exists($controller, $this->_activated)
+        && !$this->_activated[$controller])
+      return false;
+
+    // admins always allowed
+    if ($user->isAdmin())
+      return true;
+
    $right = $this->_rightFor($controller, $action);
+
    if ($this->_shouldHandleByGroup($user, $right))
      return $this->_isAllowedByGroup($user, $right);

-    $acl = new ZendAfi_Acl_AdminControllerRoles();
+    $acl = $this->getAcl();
    return $acl->isAllowed($user->getRole(),
                           $acl->has($controller) ? $controller : null);
  }


+  protected function getAcl() {
+    return static::$_acl
+      ? static::$_acl
+      : static::$_acl = new ZendAfi_Acl_AdminControllerRoles() ;
+  }
+
+
  protected function _rightFor($controller, $action) {
    if (array_key_exists($controller.'/'.$action, $this->_mapping))
      return $this->_mapping[$controller.'/'.$action];

--- a/library/ZendAfi/Acl/AdminControllerRoles.php
+++ b/library/ZendAfi/Acl/AdminControllerRoles.php
@@ -82,6 +82,7 @@ class ZendAfi_Acl_AdminControllerRoles extends Zend_Acl {
    $this->add(new Zend_Acl_Resource('upload'));
    $this->add(new Zend_Acl_Resource('modules'));
    $this->add(new Zend_Acl_Resource('ajax'));
+    $this->add(new Zend_Acl_Resource('external-agendas'));

    //Roles
    $this->addRole(new Zend_Acl_Role('invite'));
@@ -119,6 +120,7 @@ class ZendAfi_Acl_AdminControllerRoles extends Zend_Acl {
    $this->allow('admin_bib','profil');
    $this->allow('admin_bib','modo');
    $this->allow('admin_bib','menus');
+    $this->allow('admin_bib','external-agendas');

    $this->allow('modo_portail');
    $this->allow('admin_portail');

--- a/library/ZendAfi/View/Helper/Admin/MenuGaucheAdmin.php
+++ b/library/ZendAfi/View/Helper/Admin/MenuGaucheAdmin.php