Access Control Lists are a tool that allows us to map permissions to objects - within Zend_Acl this maps to a hierarchical arrangement of roles and resources.
This talk will follow through the basic use of Zend_Acl and steadily build a series of practical examples to illustrate the different methods of creating and enforcing an ACL for an application. This will include how to implement some of the more complicated hierarchical relationships and advanced conditions through the use of assertions. We will also cover the design considerations of where to attach the ACL, with the differences between applying it to controllers or models. With a functioning ACL in place, we will examine some of the methods for persisting the list and whether that list should be static or dynamic.
Alongside the straight functionality of our code, we will also examine how to effectively unit test it, improving its performance and analysing the level of security that has been created.
This document summarizes the history and future of the Java Virtual Machine (JVM). It discusses how the JVM evolved from Java 1.0 with the addition of just-in-time compilation in 1.3 and a two-year release cycle until 1.6. It then describes the dispute between Sun and Apache over access to test suites that stalled Java's progress for five years until Oracle acquired Sun. It outlines new features added since like invokedynamic, lambda expressions, and modules. Finally, it discusses improvements to native interoperability and language support on the JVM through projects like Java Native Runtime (JNR).
This document provides an overview of anterior cruciate ligament (ACL) injuries, including the functions of the ACL, typical mechanisms of injury, symptoms, signs, diagnostic imaging, natural history if untreated, and treatment options. It discusses the goals of ACL reconstruction surgery, including proper graft selection, placement, tensioning, and fixation. Post-operative rehabilitation is also summarized, with the goal of regaining motion and strength while protecting the graft.
acl arthroscopic reconstruction single bundle vs double bundledrabhichaudhary88
The document discusses anterior cruciate ligament (ACL) repair, including a comparison of single bundle versus double bundle ACL reconstruction techniques. It provides details on ACL anatomy, biomechanics, injury mechanisms, treatment options, and surgical procedures. It also reviews findings from journal articles regarding clinical outcomes of single versus double bundle reconstruction.
ACL anterior crucitae ligament anamtomy and physical therapy Mahmoud Bagago
This document discusses the anatomy and mechanics of the knee joint, with a focus on the anterior cruciate ligament (ACL). It describes the signs and symptoms of an ACL injury, including a popping sound, knee instability, swelling and pain. Clinical exams like the Lachman and pivot shift tests can help diagnose an ACL tear, which is also visible on MRI. ACL injuries may be accompanied by damage to other structures like the meniscus or MCL ligament. Management options include physical therapy initially or ACL reconstruction surgery.
Bekket McClane gave a presentation on moving from the Android NDK to AOSP. The presentation covered the Android NDK introduction and JNI programming. It provided an overview of AOSP including the zygote process and Binder IPC. An example was shown for controlling the vibrator using C/C++ Binder APIs by accessing libraries from AOSP. The steps included building AOSP libraries, creating an Android.mk file, and interacting with the vibrator service via a fake AIDL interface. Questions were invited via the speaker's online accounts.
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
Ops are overwhelmed with support. Devs are mad because their cannot deploy the changes as fast as they want. Sounds familiar?
Infrastructure-as-code can make your life easier by empowering developers and reducing operations' routine toil. It can cut down the lead time for infrastructure provisioning from hours or even days to minutes.
This talk reviews several IaC tools and approaches, showing how to integrate them into continuous delivery pipeline. It covers the problems and challenges that engineers may face while working with infrastructure-as-code tools and provides a few hands-on recipes to address them.
Who is afraid of privileged containers ?Marko Bevc
This document discusses container security and demonstrates how privileges can be escalated in Kubernetes clusters. It covers security mechanisms for containers like rootless containers and privilege dropping. It then demonstrates how a user can escalate privileges by mounting host secrets or escaping containers to gain host access. The document concludes that while orchestration platforms improve security, following security best practices like least privilege pods and RBAC are needed. It advocates that all users should fear privileged containers.
Here Be Dragons: The Unexplored Land of Active Directory ACLsAndy Robbins
This document summarizes information about three individuals - Andy, Rohan, and Will - who work at Specter Ops creating security tools like BloodHound. It provides details on their jobs, tool development experience, conference presentations, training experience, and Twitter accounts. It then outlines abuse primitives that can be exploited through misconfigurations in Active Directory object ACLs. Finally, it demonstrates how to use tools like PowerView, SharpHound, and BloodHound to find misconfigurations and attack paths in Active Directory.
This document summarizes the history and future of the Java Virtual Machine (JVM). It discusses how the JVM evolved from Java 1.0 with the addition of just-in-time compilation in 1.3 and a two-year release cycle until 1.6. It then describes the dispute between Sun and Apache over access to test suites that stalled Java's progress for five years until Oracle acquired Sun. It outlines new features added since like invokedynamic, lambda expressions, and modules. Finally, it discusses improvements to native interoperability and language support on the JVM through projects like Java Native Runtime (JNR).
This document provides an overview of anterior cruciate ligament (ACL) injuries, including the functions of the ACL, typical mechanisms of injury, symptoms, signs, diagnostic imaging, natural history if untreated, and treatment options. It discusses the goals of ACL reconstruction surgery, including proper graft selection, placement, tensioning, and fixation. Post-operative rehabilitation is also summarized, with the goal of regaining motion and strength while protecting the graft.
acl arthroscopic reconstruction single bundle vs double bundledrabhichaudhary88
The document discusses anterior cruciate ligament (ACL) repair, including a comparison of single bundle versus double bundle ACL reconstruction techniques. It provides details on ACL anatomy, biomechanics, injury mechanisms, treatment options, and surgical procedures. It also reviews findings from journal articles regarding clinical outcomes of single versus double bundle reconstruction.
ACL anterior crucitae ligament anamtomy and physical therapy Mahmoud Bagago
This document discusses the anatomy and mechanics of the knee joint, with a focus on the anterior cruciate ligament (ACL). It describes the signs and symptoms of an ACL injury, including a popping sound, knee instability, swelling and pain. Clinical exams like the Lachman and pivot shift tests can help diagnose an ACL tear, which is also visible on MRI. ACL injuries may be accompanied by damage to other structures like the meniscus or MCL ligament. Management options include physical therapy initially or ACL reconstruction surgery.
Bekket McClane gave a presentation on moving from the Android NDK to AOSP. The presentation covered the Android NDK introduction and JNI programming. It provided an overview of AOSP including the zygote process and Binder IPC. An example was shown for controlling the vibrator using C/C++ Binder APIs by accessing libraries from AOSP. The steps included building AOSP libraries, creating an Android.mk file, and interacting with the vibrator service via a fake AIDL interface. Questions were invited via the speaker's online accounts.
Infrastructure-as-code: bridging the gap between Devs and OpsMykyta Protsenko
Ops are overwhelmed with support. Devs are mad because their cannot deploy the changes as fast as they want. Sounds familiar?
Infrastructure-as-code can make your life easier by empowering developers and reducing operations' routine toil. It can cut down the lead time for infrastructure provisioning from hours or even days to minutes.
This talk reviews several IaC tools and approaches, showing how to integrate them into continuous delivery pipeline. It covers the problems and challenges that engineers may face while working with infrastructure-as-code tools and provides a few hands-on recipes to address them.
Who is afraid of privileged containers ?Marko Bevc
This document discusses container security and demonstrates how privileges can be escalated in Kubernetes clusters. It covers security mechanisms for containers like rootless containers and privilege dropping. It then demonstrates how a user can escalate privileges by mounting host secrets or escaping containers to gain host access. The document concludes that while orchestration platforms improve security, following security best practices like least privilege pods and RBAC are needed. It advocates that all users should fear privileged containers.
Here Be Dragons: The Unexplored Land of Active Directory ACLsAndy Robbins
This document summarizes information about three individuals - Andy, Rohan, and Will - who work at Specter Ops creating security tools like BloodHound. It provides details on their jobs, tool development experience, conference presentations, training experience, and Twitter accounts. It then outlines abuse primitives that can be exploited through misconfigurations in Active Directory object ACLs. Finally, it demonstrates how to use tools like PowerView, SharpHound, and BloodHound to find misconfigurations and attack paths in Active Directory.
Akka and the Zen of Reactive System DesignLightbend
In order to be successful with asynchronous programming, when coming from synchronous execution models you need to change your mindset and look at things from a slightly different perspective. In order to use Akka at it's best, you will have to change the way you think about application design (loosen coupling in space and time between components), and re-think what you've maybe learned in the past.
In this talk we uncover a number of rules that serve as a guide in designing concurrent distributed applications, how those apply to Akka, and how they can help you in daily app development.
Aimed at developers through architects, Akka team happy hAkker, Konrad Malawski, bends your parameters with regards to application design and asynchronous execution models.
From continuous integration servers to blogging systems, we've all seen and used pluggable applications. Writing our own though can be an elusive task. That need not be the case, though, as the Java EE spec contains all you need to do just that. In this session, we'll see how we can leverage the power of CDI to write, for example, easily extensible JSF applications. When the session is over, you'll have all you need to write the next killer app, and, thanks to Java EE, you'll be surprised to see how little work it really is.
The document discusses how REST APIs and ORDS can help DBAs adopt more agile practices. It provides examples of how DBAs can expose database operations and metadata via REST endpoints to improve communication and automation between developers and DBAs. This includes endpoints for checking database connectivity, putting applications in maintenance mode, retrieving backup status, creating/deleting restore points, refreshing schemas, and more. The document argues that REST and ORDS can help make DBAs more agile by standardizing their operations and facilitating integration with other tools and services.
The document provides an introduction to object oriented programming concepts in PHP. It discusses the differences between procedural and object oriented code, basic OO concepts like classes, objects, properties, methods, constructors and destructors. It also covers inheritance, visibility, static members, and differences between PHP4 and PHP5 OOP. It uses requests as a case study and provides homework and suggested reading.
The document discusses database cloning challenges and solutions for thin provision cloning using various technologies like Oracle CloneDB, EMC BCV, SRDF, VMware snapshots, ZFS, and NetApp FlexClone. It also covers database virtualization solutions like Oracle SMU and Delphix that provide self-service virtual databases to developers by sharing blocks between clones for faster provisioning and development cycles. Case studies described how virtualization can accelerate development by providing frequent fresh clones of the source database.
The document provides information about new features and integration of Symfony and Doctrine. It discusses updates to the DoctrineBundle and new bundles for MongoDB integration and database migrations. It also covers using the Doctrine database abstraction layer independently and the object relational mapper, including entity management, querying, and schema management.
The document introduces the Play Framework version 2.1 and highlights its key features. It demonstrates building a sample application in Scala using Play's reactive, non-blocking architecture. Key features discussed include Play's built-in support for Scala, reactive programming, JSON APIs, routing, templates, and testing.
Distributed Search in Riak - Integrating Search in a NoSQL Database: Presente...Lucidworks
Fred Dushin discusses distributed search in Riak, a NoSQL database. He explains how Riak distributes data across nodes and repairs divergence to maintain availability. Riak integrates with Solr for search capabilities through Yokozuna, which automatically indexes data stored in Riak and distributes queries across nodes. Yokozuna also uses active anti-entropy to repair differences between the search index and underlying Riak data.
Singletons in PHP - Why they are bad and how you can eliminate them from your...go_oh
While Singletons have become a Pattern-Non-Grata over the years, you still find it surprisingly often in PHP applications and frameworks. This talk will explain what the Singleton pattern is, how it works in PHP and why you should avoid it in your application.
You're Off the Hook: Blinding Security SoftwareCylance
User-mode hooking is dead. It’s also considered harmful due to interference with OS-level exploit mitigations like Control Flow Guard (CFG). At BlackHat US 2016, the “Captain Hook” talk revealed there were multiple serious security issues in AV hooking — we will put the final nail in the coffin by showing how trivial it is to bypass user-mode hooks. We will demonstrate a universal user-mode unhooking approach that can be included in any binary to blind security software from monitoring code execution and perform heuristic analysis. The tool and source code will be released on GitHub after the talk.
Alex Matrosov | Principal Research Scientist
Jeff Tang | Senior Security Researcher
Docker for Developers: Dev, Test, Deploy @ BucksCo Devops at MeetMe HQErica Windisch
The document discusses Docker's platform and ecosystem, which has grown significantly over 19 months to include over 640 contributors, 2.75 million downloads, and extensive community support and documentation. It also outlines the key components of Docker's platform, including the Docker Engine for building, shipping, and running containers, and Docker Hub for sharing images. Finally, it provides examples of how to use Docker to build, run, and manage applications and services across infrastructure.
Running your Java EE 6 Applications in the CloudArun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates deploying applications to various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It also compares these platforms and discusses how Java EE can evolve to better support cloud computing.
Docker has several issues that make it unsuitable for managing infrastructure over many years, including frequent breaking changes in new releases, difficulty cleaning up old images, and lack of kernel support. While containers provide benefits like isolation and reproducible environments, monitoring and debugging containers is challenging. Docker also adds security risks compared to traditional infrastructure stacks due to additional layers like registries and daemons.
This document provides an overview of best practices for writing responsible JavaScript code. It discusses topics like avoiding globals, using namespaces, modifying prototypes responsibly, factories for object creation, properly handling the this keyword, best practices for switch statements, equality comparisons, and the use of $ in libraries and applications. The document emphasizes writing clear, understandable code, avoiding ambiguity and potential bugs, and being considerate of other code on the page.
Running your Java EE 6 applications in the Cloud (FISL 12)Arun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates how to deploy Java EE 6 applications on various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. The document also discusses the Java EE 7 specification and upcoming GlassFish Server distributions.
Containers provide a way to package and run applications in a portable and isolated environment. Containers are created from images, which are built using Dockerfiles. Containers can then be run, tested, and deployed using tools like Docker, Docker Compose, and Jenkins. When deployed in production, containers can be orchestrated and managed at scale using Docker Swarm. Containers allow applications to be more portable, isolated, and scalable compared to traditional virtual machines.
The document discusses Gradle, an open-source build automation tool. It provides an overview of Gradle's benefits such as scripting flexibility, incremental builds, and IDE project generation. It also covers key Gradle concepts like dependency management, testing, publishing artifacts, and custom tasks/plugins.
This document provides instructions and information about installing and setting up Elasticsearch, including installing Ubuntu, VirtualBox, and Elasticsearch. It discusses enabling virtualization in the BIOS, notes that Avast anti-virus can conflict with VirtualBox, and encourages the reader to install the listed software and set up Elasticsearch.
Talk from 4Developers '12 and PHP Barcelona '11
It’s fun to architect your application to handle millions of pageviews, but in reality that’s time where you could be adding features. We’ll examine some practical solutions for designing your platform to deal with increasing traffic and how to add those features on an incremental basis. This will take us through options for scaling the code and additional methods for scaling the infrastructure.
Clients need to know how much a project will cost. Waterfall development is always late and over-budget. Agile development is done when it's done. You're left with estimates that you know are too low and then you squeeze them anyway. It shouldn't be this way. We'll look at how this happens, early warning signs, ways out and ways of avoiding it in the first place.
Akka and the Zen of Reactive System DesignLightbend
In order to be successful with asynchronous programming, when coming from synchronous execution models you need to change your mindset and look at things from a slightly different perspective. In order to use Akka at it's best, you will have to change the way you think about application design (loosen coupling in space and time between components), and re-think what you've maybe learned in the past.
In this talk we uncover a number of rules that serve as a guide in designing concurrent distributed applications, how those apply to Akka, and how they can help you in daily app development.
Aimed at developers through architects, Akka team happy hAkker, Konrad Malawski, bends your parameters with regards to application design and asynchronous execution models.
From continuous integration servers to blogging systems, we've all seen and used pluggable applications. Writing our own though can be an elusive task. That need not be the case, though, as the Java EE spec contains all you need to do just that. In this session, we'll see how we can leverage the power of CDI to write, for example, easily extensible JSF applications. When the session is over, you'll have all you need to write the next killer app, and, thanks to Java EE, you'll be surprised to see how little work it really is.
The document discusses how REST APIs and ORDS can help DBAs adopt more agile practices. It provides examples of how DBAs can expose database operations and metadata via REST endpoints to improve communication and automation between developers and DBAs. This includes endpoints for checking database connectivity, putting applications in maintenance mode, retrieving backup status, creating/deleting restore points, refreshing schemas, and more. The document argues that REST and ORDS can help make DBAs more agile by standardizing their operations and facilitating integration with other tools and services.
The document provides an introduction to object oriented programming concepts in PHP. It discusses the differences between procedural and object oriented code, basic OO concepts like classes, objects, properties, methods, constructors and destructors. It also covers inheritance, visibility, static members, and differences between PHP4 and PHP5 OOP. It uses requests as a case study and provides homework and suggested reading.
The document discusses database cloning challenges and solutions for thin provision cloning using various technologies like Oracle CloneDB, EMC BCV, SRDF, VMware snapshots, ZFS, and NetApp FlexClone. It also covers database virtualization solutions like Oracle SMU and Delphix that provide self-service virtual databases to developers by sharing blocks between clones for faster provisioning and development cycles. Case studies described how virtualization can accelerate development by providing frequent fresh clones of the source database.
The document provides information about new features and integration of Symfony and Doctrine. It discusses updates to the DoctrineBundle and new bundles for MongoDB integration and database migrations. It also covers using the Doctrine database abstraction layer independently and the object relational mapper, including entity management, querying, and schema management.
The document introduces the Play Framework version 2.1 and highlights its key features. It demonstrates building a sample application in Scala using Play's reactive, non-blocking architecture. Key features discussed include Play's built-in support for Scala, reactive programming, JSON APIs, routing, templates, and testing.
Distributed Search in Riak - Integrating Search in a NoSQL Database: Presente...Lucidworks
Fred Dushin discusses distributed search in Riak, a NoSQL database. He explains how Riak distributes data across nodes and repairs divergence to maintain availability. Riak integrates with Solr for search capabilities through Yokozuna, which automatically indexes data stored in Riak and distributes queries across nodes. Yokozuna also uses active anti-entropy to repair differences between the search index and underlying Riak data.
Singletons in PHP - Why they are bad and how you can eliminate them from your...go_oh
While Singletons have become a Pattern-Non-Grata over the years, you still find it surprisingly often in PHP applications and frameworks. This talk will explain what the Singleton pattern is, how it works in PHP and why you should avoid it in your application.
You're Off the Hook: Blinding Security SoftwareCylance
User-mode hooking is dead. It’s also considered harmful due to interference with OS-level exploit mitigations like Control Flow Guard (CFG). At BlackHat US 2016, the “Captain Hook” talk revealed there were multiple serious security issues in AV hooking — we will put the final nail in the coffin by showing how trivial it is to bypass user-mode hooks. We will demonstrate a universal user-mode unhooking approach that can be included in any binary to blind security software from monitoring code execution and perform heuristic analysis. The tool and source code will be released on GitHub after the talk.
Alex Matrosov | Principal Research Scientist
Jeff Tang | Senior Security Researcher
Docker for Developers: Dev, Test, Deploy @ BucksCo Devops at MeetMe HQErica Windisch
The document discusses Docker's platform and ecosystem, which has grown significantly over 19 months to include over 640 contributors, 2.75 million downloads, and extensive community support and documentation. It also outlines the key components of Docker's platform, including the Docker Engine for building, shipping, and running containers, and Docker Hub for sharing images. Finally, it provides examples of how to use Docker to build, run, and manage applications and services across infrastructure.
Running your Java EE 6 Applications in the CloudArun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates deploying applications to various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. It also compares these platforms and discusses how Java EE can evolve to better support cloud computing.
Docker has several issues that make it unsuitable for managing infrastructure over many years, including frequent breaking changes in new releases, difficulty cleaning up old images, and lack of kernel support. While containers provide benefits like isolation and reproducible environments, monitoring and debugging containers is challenging. Docker also adds security risks compared to traditional infrastructure stacks due to additional layers like registries and daemons.
This document provides an overview of best practices for writing responsible JavaScript code. It discusses topics like avoiding globals, using namespaces, modifying prototypes responsibly, factories for object creation, properly handling the this keyword, best practices for switch statements, equality comparisons, and the use of $ in libraries and applications. The document emphasizes writing clear, understandable code, avoiding ambiguity and potential bugs, and being considerate of other code on the page.
Running your Java EE 6 applications in the Cloud (FISL 12)Arun Gupta
This document discusses running Java EE 6 applications in the cloud. It provides an overview of Java EE 6 and demonstrates how to deploy Java EE 6 applications on various cloud platforms including Amazon Web Services, RightScale, Microsoft Azure, and Joyent. The document also discusses the Java EE 7 specification and upcoming GlassFish Server distributions.
Containers provide a way to package and run applications in a portable and isolated environment. Containers are created from images, which are built using Dockerfiles. Containers can then be run, tested, and deployed using tools like Docker, Docker Compose, and Jenkins. When deployed in production, containers can be orchestrated and managed at scale using Docker Swarm. Containers allow applications to be more portable, isolated, and scalable compared to traditional virtual machines.
The document discusses Gradle, an open-source build automation tool. It provides an overview of Gradle's benefits such as scripting flexibility, incremental builds, and IDE project generation. It also covers key Gradle concepts like dependency management, testing, publishing artifacts, and custom tasks/plugins.
This document provides instructions and information about installing and setting up Elasticsearch, including installing Ubuntu, VirtualBox, and Elasticsearch. It discusses enabling virtualization in the BIOS, notes that Avast anti-virus can conflict with VirtualBox, and encourages the reader to install the listed software and set up Elasticsearch.
Similar to Practical Applications of Zend_Acl (20)
Talk from 4Developers '12 and PHP Barcelona '11
It’s fun to architect your application to handle millions of pageviews, but in reality that’s time where you could be adding features. We’ll examine some practical solutions for designing your platform to deal with increasing traffic and how to add those features on an incremental basis. This will take us through options for scaling the code and additional methods for scaling the infrastructure.
Clients need to know how much a project will cost. Waterfall development is always late and over-budget. Agile development is done when it's done. You're left with estimates that you know are too low and then you squeeze them anyway. It shouldn't be this way. We'll look at how this happens, early warning signs, ways out and ways of avoiding it in the first place.
Our protagonist learns about dependency injection patterns from a senior developer. She starts with naive direct instantiation that cannot be tested. After trying setter injection and constructor injection, she realizes factories allow returning different object types. This achieves 100% test coverage while keeping classes focused. Further exploration reveals the patterns were first described by Martin Fowler and Richard Miller has written extensively on their use in Symfony.
Test-driven development is generally regarded as a good move: it should result in simple decoupled design, your tests tend to cover behaviour not methods, and far fewer bugs. However, just getting unit tests in on a real, commercial project is hard - switching to TDD is even harder. Often you can start a project with good intentions and coverage, then the deadline looms and the tests go out then the hacks come in. So, instead of beating ourselves up about not being perfect let's look at an interative approach to adopting TDD principles. We'll look at tactics for selling TDD to your client, boss and colleagues. This talk will also cover methods for making TDD easier for you by showing you what tools you can use to integrate it into your development environment. In the project itself, we'll examine how we can make small but permanent steps towards full TDD, without losing that progress when deadlines hit. We'll also cover a few methods for learning on your own time and how the whole process can actually be made quite enjoyable.
The document compares and explains several sorting algorithms: insertion sort, bubble sort, quick sort, heap sort, and counting sort. For each algorithm, it provides pseudocode to demonstrate the sorting logic, and analyzes the time and space complexity of the algorithms as O(n) notation. The document also briefly discusses the history of when different sorting algorithms were invented or improved.
Practical tips for dealing with projects involving legacy code. Covers investigating past projects, static analysis of existing code, and methods for changing legacy code.
Presented at PHP Benelux '10
Rowan Merewood discusses how his company adopted new tools and technologies. They started by getting individuals excited about new ideas through demonstrations. Successful pilots led them to migrate their source code repository from CVS to Git through extensive planning and parallel runs. While migration was challenging, they encountered no technical issues. The company now continues improving through incremental upgrades and a focus on maintenance.
Smart efficient design using REST and MVC.
Web applications are everywhere now, but many of them misuse the basic concepts laid down by the HTTP protocol, miss the benefits of making the application and the API the same thing, and don't set themselves up to grow if things take off.
This talk will look at the design decisions you need to make to ensure that your application really is ReST-ful, how we fit that cleanly into MVC, and how state machines can help us manage clean state changes in a stateless protocol. The talk will go into some of the available design patterns with class diagrams and code snippets showing how and where to implement them.
Originally presented at PHP UK 2009.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
2. Who is this?
@rowan_m
Software Engineer
Team Lead
http://merewood.org
2
3. Why do this?
So you don't have to.
Problems encountered,
solutions discovered,
lessons learned.
3
4. What do you want?
More concept?
- or -
More code?
4
5. What does this solve?
The “Gold Standard” for
security.
5
6. Gold Standard
Gold
79
Au thentication
196.97
Gold
79
Au thorisation
196.97
Gold
79
Au diting
196.97
B.W. Lampson. Computer Security in the Real World. Computer, 37(6):37–46, 2004
http://research.microsoft.com/en-us/um/people/blampson/69-SecurityRealIEEE/69-SecurityRealIEEE.htm
6
7. Gold Standard
Gold
79
Au thentication
196.97
Gold
79
Au thorisation
196.97
You are here.
Gold
79
Au diting
196.97
B.W. Lampson. Computer Security in the Real World. Computer, 37(6):37–46, 2004
http://research.microsoft.com/en-us/um/people/blampson/69-SecurityRealIEEE/69-SecurityRealIEEE.htm
7
10. Roles
• A named group of privileges for a
resource.
• A role may inherit from many parent roles
• Build the tree from leaf to root
10
11. Roles
• A user is a leaf node Client Contact
Developer
Lead Developer
Employee
Rowan
11
12. Roles
• A user is a leaf node Client Contact
Developer
Lead Developer Sales
Employee
Evil
Rowan Rowan
12
13. Roles
• Use inheritance sparingly
• Avoid circular dependencies
• Over-complicated relationships
• Difficult to configure
13
14. Resources
• Objects with which users can interact
• A resource may have one parent
• Build the tree from root to leaf
14
15. Resources
Ship
Federation Klingon
Galaxy class
NCC-1701-D NCC-1701-E
15
16. Resources
Ship
Federation Klingon
Galaxy class Allow “bridge crew” role
the “activate cloak” privilege
NCC-1701-D NCC-1701-E
16
17. Resources
Allow “*” role
the “self destruct” privilege
asserting “is captain” Ship
Federation Klingon
Galaxy class
NCC-1701-D NCC-1701-E
17
18. Privileges
• Simple – just strings
• Qualifies the operation a role may
perform against a resource
• Shared vocabulary: CRUD
18
19. Assertions
• An arbitrary condition attached to the ACL
returning true or false
• Has access to the role, resource, privilege
and ACL
• Power and flexibility open to abuse
19
20. Assertions
• "user" can "view" a "group photo" if "user is
a member of the group"
• "user" can "create" an "comment" if "the user
has submitted less than 5 comments in
the last hour"
• "job scheduler" may "schedule" a "task" if
"no instances of the task are running"
20
21. Assertions
• "user" can "view" a "group photo" if "user is
a member of the group"
• "user" can "create" an "comment" if "the user
hasDirect relationshipless than 5 and the resource.
submitted between the role comments in
All dependencies are passed in.
the last hour"
“Visibility” is a good concept to keep in the ACL
• "job scheduler" may "schedule" a "task" if
"no instances of the task are running"
21
22. Assertions
• "user" can "view" a "group photo" if "user is
a member of the group"
• "user" can "create" an "comment" if "the user
has submitted less than 5 comments in
the last hour"
Border-line – most dependencies contained
• "job scheduler" may "schedule" a "task" if
Does the time-based system state count as
“authorisation”?
"no instances of the task are running"
22
23. Assertions
• "user" can "view" a "group photo" if "user is
a member of the group"
• "user" can "create" an "comment" if "the user
has submitted less thanoutside the scope in
Advanced dependencies definitely
5 comments
This is a “pre-add” check for the model
the last hour"
• "job scheduler" may "schedule" a "task" if
"no instances of the task are running"
23
24. Let's see some code
Zend_Acl
Zend_Acl_Role_Interface
Zend_Acl_Resource_Interface
Zend_Acl_Assert_Interface
24
25. Simple, Static ACL
$acl = new Zend_Acl();
$eng = new Zend_Acl_Role('engineering');
$scotty = new Zend_Acl_Role('scotty');
$kirk = new Zend_Acl_Role('kirk');
$dilCrys = new Zend_Acl_Resource('dilithium crystals');
$acl->addRole($eng);
$acl->addRole($scotty, $eng);
$acl->addRole($kirk);
$acl->addResource($dilCrys);
$acl->allow($eng, $dilCrys);
25
26. Simple, Static ACL
echo "Can Scotty replace the dilithium crystals?n";
echo ($acl->isAllowed('scotty', 'dilithium crystals', 'replace')) ?
"Can don" : "Cannae don";
echo "Can Kirk seduce the dilithium crystals?n";
echo ($acl->isAllowed('kirk', 'dilithium crystals', 'seduce')) ?
"Really cann" : "Obviously notn";
rowan@swordbean:~$ php test01.php
Can Scotty replace the dilithium crystals?
Can do
Can Kirk seduce the dilithium crystals?
Obviously not
26
27. Implementing Resource
Any entity in your system:
• Controllers
• Models
• Users
• Files
• Processes
27
28. Implementing Resource
class Ship implements Zend_Acl_Resource_Interface
{
public $captain;
public $registry;
public function getResourceId()
{
return $this->registry;
}
}
$acl = new Zend_Acl();
$kirk = new Zend_Acl_Role('kirk');
$acl->addRole($kirk);
$ship = new Ship();
$ship->captain = 'kirk';
$ship->registry = 'ncc-1701';
$acl->addResource($ship);
28
29. Adding an Assertion
class IsCaptainOf implements Zend_Acl_Assert_Interface
{
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null,
Zend_Acl_Resource_Interface $resource = null, $privilege = null) {
if ( !($resource instanceof Ship) ) {
throw new Zend_Acl_Exception(
'IsCaptainOf assertion only valid on Ships' );
}
return ($role->getRoleId() == $resource->captain);
}
}
$assert = new IsCaptainOf();
$acl->allow('kirk', 'ncc-1701', 'destruct', $assert);
echo "Can Kirk order self-destruct?n";
echo ($acl->isAllowed('kirk', 'ncc-1701', 'destruct')) ?
"Star Trek III: The Search for Spockn" : "Non";
29
30. Adding an Assertion
class IsCaptainOf implements Zend_Acl_Assert_Interface
{
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null,
Zend_Acl_Resource_Interface $resource = null, $privilege = null) {
if ( !($resource instanceof Ship) ) {
throw new Zend_Acl_Exception(
'IsCaptainOf assertion only valid on Ships' );
}
return ($role->getRoleId() == $resource->captain);
}
Increasing complexity
}
Introducing extra points of failure
$assert = new IsCaptainOf();
$acl->allow('kirk', 'ncc-1701', 'destruct', $assert);
echo "Can Kirk order self-destruct?n";
echo ($acl->isAllowed('kirk', 'ncc-1701', 'destruct')) ?
"Star Trek III: The Search for Spockn" : "Non";
30
31. Dynamic ACL
Store config. in the DB
Build on the fly
One size does not fit all
31
42. Implementing Role
interface Role_Interface extends Zend_Acl_Role_Interface {
public function getType();
}
class User extends Zend_Db_Table_Row_Abstract implements Role_Interface {
public function getType() {
return 'User';
}
public function getRoleId() {
return $this->getType().':'.$this->user_id;
}
}
class Group extends Zend_Db_Table_Row_Abstract implements Role_Interface {
public function getType() {
return 'Group';
}
public function getRoleId() {
return $this->getType().':'.$this->group_id;
}
}
42
43. What do we
want to enforce?
Users in the “command” group
may issue orders to users
subordinate to them
43
45. Implementing Resource
interface Resource_Interface extends Zend_Acl_Role_Interface {
public function getType();
}
class Order extends Zend_Db_Table_Row_Abstract implements Resource_Interface
{
public function getType() {
return 'Order';
}
public function getResourceId() {
$id = $this->getType();
if ($this->order_id) {
$id .= ':'.$this->order_id;
}
return $id;
}
}
45
47. Populate the DB
mysql> select u.name, g.name as `group`, r.name as `rank` from users u
inner join user_groups ug on u.user_id = ug.user_id
inner join groups g on ug.group_id = g.group_id
inner join user_ranks ur on u.user_id = ur.user_id
inner join ranks r on ur.rank_id = r.rank_id;
+------+-------------+---------+
| name | group | rank |
+------+-------------+---------+
| kirk | command | captain |
| rand | bridge crew | yeoman |
+------+-------------+---------+
47
48. Issuing an order
$issuer = Zend_Auth::getInstance()->getIdentity();
$u = new Users();
$subord = $u->find(2)->current();
$order = new Order();
$order->superior_user_id = $issuer->user_id;
$order->subordinate_user_id = $subord->user_id;
$order->detail = "Get your red shirt, it's time for an away mission.";
$acl = new AclWrapper();
if (!$acl->isAllowed($issuer, $order, 'create')) {
throw new Zend_Controller_Action_Exception(
'Not allowed to create order!' , 403);
}
$order->save();
48
49. Issuing an order
$issuer = Zend_Auth::getInstance()->getIdentity();
$u = new Users();
$subord = $u->find(2)->current();
$order = new Order();
$order->superior_user_id = $issuer->user_id;
You could move
$order->subordinate_user_id = $subord->user_id; this check
$order->detail = "Get your red shirt, onto the model
it's time for an away mission.";
$acl = new AclWrapper();
if (!$acl->isAllowed($issuer, $order, 'create')) {
throw new Zend_Controller_Action_Exception(
'Not allowed to create order!' , 403);
}
$order->save();
49
50. Building the ACL
class AclWrapper
{
public function isAllowed(User $role = null,
Resource_Interface $resource = null, $privilege = null) {
$acl = new Zend_Acl();
$groups = $user->findGroups();
foreach ($groups as $group) {
$acl->addRole($group);
}
$acl->addRole($user, $groups);
if (strpos($resource->getResourceId(), ':')) {
$parent = new Zend_Acl_Resource($resource->getType());
$acl->addResource($parent);
$acl->addResource($resource, $parent);
} else {
$acl->addResource($resource);
}
[...]
50
51. Building the ACL
class AclWrapper
{
public function isAllowed(User $role = null,
Resource_Interface $resource = null, $privilege = null) {
$acl = new Zend_Acl();
$groups = $user->findGroups();
Add Group roles
foreach ($groups as $group) {
Add the User role
$acl->addRole($group);
}
$acl->addRole($user, $groups);
if (strpos($resource->getResourceId(), ':')) {
$parent = new Zend_Acl_Resource($resource->getType());
$acl->addResource($parent);
$acl->addResource($resource, $parent);
} else {
$acl->addResource($resource);
}
[...]
51
52. Building the ACL
class AclWrapper
{
public function isAllowed(User $role = null,
Resource_Interface $resource = null, $privilege = null) {
$acl = new Zend_Acl();
$groups = $user->findGroups();
foreach ($groups as $group) {
$acl->addRole($group);
}
$acl->addRole($user, $groups);
if (strpos($resource->getResourceId(), ':')) {
$parent = new Zend_Acl_Resource($resource->getType());
$acl->addResource($parent);
$acl->addResource($resource, $parent);
} else {
$acl->addResource($resource); ':' means adding an instance
} and its parent
[...]
52
53. Building the ACL
foreach ($groups as $group) {
foreach ($groups->findPermissions as $permission) {
$assert = null;
$classname = $permission->assert;
if (
$classname && class_exists($classname)
&& is_subclass_of($classname, 'Zend_Acl_Assert_Interface')
) {
$assert = new $classname();
}
$op = ($permission->type == 'allow') ? 'allow' : 'deny';
$acl->$op($group, $resource, $permission->privilege, $assert);
}
}
return $acl->isAllowed($role, $resource, $privilege);
}
}
53
54. Building the ACL
foreach ($groups as $group) {
foreach ($groups->findPermissions as $permission) {
$assert = null;
$classname = $permission->assert;
if (
$classname && class_exists($classname)
&& is_subclass_of($classname, 'Zend_Acl_Assert_Interface')
) {
$assert = new $classname();
} Validate as much as possible!
$op = ($permission->type == 'allow') ? 'allow' : 'deny';
$acl->$op($group, $resource, $permission->privilege, $assert);
}
}
return $acl->isAllowed($role, $resource, $privilege);
}
}
54
55. Asserting Superiority
class IsSuperior implements Zend_Acl_Assert_Interface
{
public function assert(
Zend_Acl $acl, Zend_Acl_Role_Interface $role = null,
Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
if (!$role instanceof User) {
throw new Zend_Acl_Exception('Assertion only applies to Users');
}
if (!$resource instanceof Order) {
throw new Zend_Acl_Exception('Assertion only applies to Orders');
}
$supRank = $role->findRanks()->current();
$subRank = $resource->findUsersBySubordinate()->current();
return ($supRank->rank_id > $subRank->rank_id);
}
}
55
56. Issuing an order
$issuer = Zend_Auth::getInstance()->getIdentity();
$u = new Users();
$subord = $u->find(2)->current();
$order = new Order();
$order->superior_user_id = $issuer->user_id;
$order->subordinate_user_id = $subord->user_id;
$order->detail = "Get your red shirt, it's time for an away mission.";
$acl = new AclWrapper();
if (!$acl->isAllowed($issuer, $order, 'create')) {
throw new Zend_Controller_Action_Exception(
'Not allowed to create order!' , 403);
}
$order->save();
56