/**
* Loads permissions into role object
*
* @param Role\RoleObject $role A role object
*/
protected function loadRolePermissions(Role\RoleObject $role)
{
$sAcc = $role instanceof Role\AccountRoleObject ? 'account_' : '';
$res = $this->db->Execute("\n SELECT\n rr.`" . $sAcc . "role_id` as `role_id`,\n rr.`resource_id`, rr.`granted`, rp.`perm_id`,\n rp.`granted` AS `perm_granted`\n FROM `acl_" . $sAcc . "role_resources` rr\n LEFT JOIN `acl_" . $sAcc . "role_resource_permissions` rp\n ON rp.`" . $sAcc . "role_id` = rr.`" . $sAcc . "role_id`\n AND rp.`resource_id` = rr.`resource_id`\n WHERE rr.`" . $sAcc . "role_id` = ?\n ", array($role->getRoleId()));
if ($res) {
$resources = $role->getResources();
while ($rec = $res->FetchRow()) {
if (!isset($resources[$rec['resource_id']])) {
//Adds resource to role object
$resource = new Role\RoleResourceObject($rec['role_id'], $rec['resource_id'], $rec['granted']);
$role->appendResource($resource);
} else {
$resource = $resources[$rec['resource_id']];
}
if ($rec['perm_id'] !== null) {
$permission = new Role\RoleResourcePermissionObject($rec['role_id'], $rec['resource_id'], $rec['perm_id'], $rec['perm_granted']);
//We should append permission only if it's been declared in the definition.
$resourceDefinition = Resource\Definition::get($resource->getResourceId());
if ($resourceDefinition->hasPermission($permission->getPermissionId())) {
$resource->appendPermission($permission);
}
unset($permission);
}
unset($resource);
}
}
}
