Version 1.3.8: ACL-Implementation

system/Settings.php

@@ -2,6 +2,10 @@
 
 namespace Typemill;
 
+use Laminas\Permissions\Acl\Acl;
+use Laminas\Permissions\Acl\Role\GenericRole as Role;
+use Laminas\Permissions\Acl\Resource\GenericResource as Resource;
+
 class Settings
 {	
 	public static function loadSettings()
@@ -182,4 +186,61 @@ class Settings
 			$yaml->updateYaml('settings', 'settings.yaml', $settings);					
 		}
 	}
-}
+
+	public static function loadResources()
+	{
+		return ['content',
+				'user',
+				'userlist',
+				'settings',
+				'themes',
+				'plugins'];
+	}
+
+	public static function loadRolesAndPermissions()
+	{
+		$guest['name']			= 'guest';
+		$guest['inherits'] 		= NULL;
+		$guest['permissions']	= [];
+
+		$member['name']			= 'member';
+		$member['inherits'] 	= 'guest';
+		$member['permissions']	= ['user' => ['view','update','delete']];
+
+		$author['name']			= 'author';
+		$author['inherits']		= 'member';
+		$author['permissions']	= ['content' => ['view','create', 'update', 'delete']];
+
+		$editor['name']			= 'editor';
+		$editor['inherits']		= 'author';
+		$editor['permissions']	= ['content' => ['publish', 'depublish']];
+
+		return [$guest, $member, $author, $editor];
+	}
+
+	public static function createAcl($roles, $resources)
+	{
+		$acl = new Acl();
+
+		foreach($resources as $resource)
+		{
+			$acl->addResource(new Resource($resource));
+		}
+
+		# add administrator role
+		$acl->addRole(new Role('administrator'));
+		$acl->allow('administrator');
+
+		# add all other roles dynamically
+		foreach($roles as $role)
+		{
+			$acl->addRole(new Role($role['name']), $role['inherits']);
+			foreach($role['permissions'] as $resource =>  $permissions)
+			{
+				$acl->allow($role['name'], $resource, $permissions);
+			}
+		}
+
+		return $acl;
+	}
+}