<?php
class ZFE_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    private $_auth;
    private $_acl;

    private $_noauth = array('module' => 'default',
                             'controller' => 'auth',
                             'action' => 'index');

    private $_noacl = array('module' => 'default',
                            'controller' => 'auth',
                            'action' => 'index');

    public function __construct($auth, $acl)
    {
        $this->_auth = $auth;
        $this->_acl = $acl;
    }

	public function preDispatch($request)
	{
		if( $this->_auth->hasIdentity() ) {
			$role = $this->_auth->getIdentity();
		}
		else {
			$role = 'guest';
		}

		$module = $request->getModuleName();
		$controller = $request->getControllerName();
		$action = $request->getActionName();

		$resource = $module.'_'.$controller.'_'.$action;

		//Save last request for redirector
		$url = ROOT_URL;
		$url .= (trim($module) != '') ? '/'.$module : '';
		$url .= (trim($controller) != '') ? '/'.$controller : '';
		$url .= (trim($action) != '') ? '/'.$action : '';
		Zend_Registry::get('navNamespace')->lastUrl = $url;

		if (!$this->_acl->has($resource)) {
			$resource = null;
		}
		if (!$this->_acl->isAllowed($role, $resource, $action)) {
			if (!$this->_auth->hasIdentity()) {
				$module = $this->_noauth['module'];
				$controller = $this->_noauth['controller'];
				$action = $this->_noauth['action'];
			} else {
				$module = $this->_noacl['module'];
				$controller = $this->_noacl['controller'];
				$action = $this->_noacl['action'];
			}
		}
		$request->setModuleName($module);
		$request->setControllerName($controller);
		$request->setActionName($action);
	}
}
?>