Zend ACL允许某些操作

时间:2013-02-24 22:09:17

标签: zend-framework acl

如何使用Zend ACL允许某些用户访问控制器中的某些操作?现在,我只知道如何允许用户访问整个控制器,但我想限制控制器内的操作!

1 个答案:

答案 0 :(得分:1)

要允许/拒绝某些操作的访问权限,请在Zend_Acl的allow / deny方法中指定它们。

Zend_Acl::allow()方法中的第三个参数只允许您对给定控制器/资源上的某些操作设置访问控制。例如:

<?php

$acl = new Zend_Acl();

// Roles
$guest = new Zend_Acl_Role('guest');
$user = new Zend_Acl_Role('user');

// Register the roles with the Zend_Acl
$acl->addRole($guest);
$acl->addRole($user, 'guest');

// Resources/Controllers
$indexController = new Zend_Acl_Resource('index');
$profileController = new Zend_Acl_Resource('profile');

// Add resources/controllers to the Zend_Acl
$acl->add($indexController);
$acl->add($profileController);


// Now set limits of access to the resources.
// Guests get access to all the actions in the index controller,
// but to only the login and logout actions in the profile controller.
$acl->allow('guest', 'index');
$acl->allow('guest', 'profile', array('login', 'logout'));

// Users get full access to the profile controller
$acl->allow('user', 'profile');