private function searchRolePrivileges($all, $role, $resource, $privilege)
{
$dfs = ['visited' => [], 'stack' => [$role]];
while (NULL !== ($role = array_pop($dfs['stack']))) {
if (isset($dfs['visited'][$role])) {
continue;
}
if ($all) {
if ($rules = $this->getRules($resource, $role)) {
foreach ($rules['byPrivilege'] as $privilege2 => $rule) {
if (self::DENY === $this->getRuleType($resource, $role, $privilege2)) {
return self::DENY;
}
}
if (NULL !== ($type = $this->getRuleType($resource, $role, NULL))) {
return $type;
}
}
} else {
if (NULL !== ($type = $this->getRuleType($resource, $role, $privilege))) {
return $type;
} elseif (NULL !== ($type = $this->getRuleType($resource, $role, NULL))) {
return $type;
}
}
$dfs['visited'][$role] = TRUE;
foreach ($this->roles[$role]['parents'] as $roleParent => $foo) {
$dfs['stack'][] = $roleParent;
}
}
return NULL;
}