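/**
 * Inserts or updates a single role/resource/access rule in the access list.
 *
 * Unless the resource or the access is the '*' wildcard, the access must
 * already be registered for the resource in the resources-accesses table.
 * The rule row is inserted when it is missing and updated otherwise. A '*'
 * row for the same role and resource is then created if none exists, using
 * the adapter's default access.
 *
 * All values are bound as statement parameters. The table names are
 * interpolated into the SQL text, so they must come from trusted adapter
 * configuration and never from request input.
 *
 * NOTE(review): each check-then-write pair below is not atomic and no
 * transaction is opened here. Whether callers wrap this call, or the table
 * has a unique key on (roles_name, resources_name, access_name), is not
 * visible from this method. Confirm one of them holds, otherwise concurrent
 * calls can leave duplicate rule rows.
 *
 * @param mixed $roleName     Role the rule applies to.
 * @param mixed $resourceName Resource name, or '*'.
 * @param mixed $accessName   Access name, or '*'.
 * @param mixed $action       Value stored in the "allowed" column; not validated here.
 *
 * @return bool Always true when no exception is thrown.
 *
 * @throws Exception When the access is not registered for the resource.
 */
protected function insertOrUpdateAccess($roleName, $resourceName, $accessName, $action)
{
    // Check that the access is valid for the resource, unless a wildcard is involved.
    if ($resourceName !== '*' && $accessName !== '*') {
        $sql = "SELECT COUNT(*) FROM {$this->resourcesAccesses} WHERE resources_name = ? AND access_name = ?";
        $exists = $this->connection->fetchOne($sql, null, [$resourceName, $accessName]);
        if (!$exists[0]) {
            throw new Exception("Access '{$accessName}' does not exist in resource '{$resourceName}' in ACL");
        }
    }

    $countSql = "SELECT COUNT(*) FROM {$this->accessList} "
        . "WHERE roles_name = ? AND resources_name = ? AND access_name = ?";

    // Name the columns explicitly so that a reordered or extended table cannot
    // put the allow/deny value into the wrong column.
    $insertSql = "INSERT INTO {$this->accessList} "
        . "(roles_name, resources_name, access_name, allowed) VALUES (?, ?, ?, ?)";

    // Insert or update the requested rule in access_list.
    $exists = $this->connection->fetchOne($countSql, null, [$roleName, $resourceName, $accessName]);
    if (!$exists[0]) {
        $sql = $insertSql;
        $params = [$roleName, $resourceName, $accessName, $action];
    } else {
        $sql = "UPDATE {$this->accessList} SET allowed = ? "
            . "WHERE roles_name = ? AND resources_name = ? AND access_name = ?";
        $params = [$action, $roleName, $resourceName, $accessName];
    }
    $this->connection->execute($sql, $params);

    // Make sure a '*' row exists for this role and resource.
    // NOTE(review): the row takes $this->_defaultAccess, whose value is set
    // outside this method. If that default is "allow", adding one specific
    // rule also creates a resource-wide allow for the role; confirm the
    // adapter is configured default-deny.
    $exists = $this->connection->fetchOne($countSql, null, [$roleName, $resourceName, '*']);
    if (!$exists[0]) {
        $this->connection->execute($insertSql, [$roleName, $resourceName, '*', $this->_defaultAccess]);
    }

    return true;
}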