* @param string $roleUri * @param string $accessUri * @return mixed */ public function add($roleUri, $accessUri) { $uri = explode('#', $accessUri); list($type, $ext, $mod, $act) = explode('_', $uri[1]); $role = new \core_kernel_classes_Resource($roleUri); $module = new \core_kernel_classes_Resource($this->makeEMAUri($ext, $mod)); $actionAccessProperty = new \core_kernel_classes_Property(static::PROPERTY_ACL_GRANTACCESS); $moduleAccessProperty = new \core_kernel_classes_Property(static::PROPERTY_ACL_GRANTACCESS); $values = $role->getPropertyValues($actionAccessProperty); if (!in_array($accessUri, $values)) { $role->setPropertyValue($actionAccessProperty, $accessUri); $this->getEventManager()->trigger(new AccessRightAddedEvent($roleUri, $accessUri)); $controllerClassName = MapHelper::getControllerFromUri($module->getUri()); CacheHelper::flushControllerAccess($controllerClassName); } else { \common_Logger::w('Tried to regrant access for role ' . $role->getUri() . ' to action ' . $accessUri); } } /** * Short description of method remove * * @access public * @author Jehan Bihin, * @param string $roleUri * @param string $accessUri * @return mixed */ public function remove($roleUri, $accessUri) { $uri = explode('#', $accessUri); list($type, $ext, $mod, $act) = explode('_', $uri[1]); $role = new \core_kernel_classes_Class($roleUri); $actionAccessProperty = new \core_kernel_classes_Property(static::PROPERTY_ACL_GRANTACCESS); $module = new \core_kernel_classes_Resource($this->makeEMAUri($ext, $mod)); $controllerClassName = MapHelper::getControllerFromUri($module->getUri()); // access via controller? $controllerAccess = CacheHelper::getControllerAccess($controllerClassName); if (in_array($roleUri, $controllerAccess['module'])) { // remove access to controller ModuleAccessService::singleton()->remove($roleUri, $module->getUri()); // add access to all other actions foreach (ModelHelper::getActions($module) as $action) { if ($action->getUri() != $accessUri) { $this->add($roleUri, $action->getUri()); $this->getEventManager()->trigger(new AccessRightAddedEvent($roleUri, $action->getUri())); } } } elseif (isset($controllerAccess['actions'][$act]) && in_array($roleUri, $controllerAccess['actions'][$act])) { // remove action only $role->removePropertyValues($actionAccessProperty, ['pattern' => $accessUri]); $this->getEventManager()->trigger(new AccessRightRemovedEvent($roleUri, $accessUri)); CacheHelper::flushControllerAccess($controllerClassName); } } }