PHP authentication and authorization

Time: 2014-03-01 15:28:42

Tags: php authentication authorization

I have a front controller that routes all requests to their respective controllers.

Now I need to implement a structure like USERS - ROLES - SERVICES, where in Services I should put the things a user can or cannot do (for example, delete a product).

Users, Roles and Services must be persisted in the DB.

This is my front controller (index.php):

/* index.php is the front controller (something like a global controller
 * which routes all the requests to their relative controllers) */
require_once 'init.php';
require_once ROOT_DIR . "/controllers/DocumentController.php";
require_once ROOT_DIR . "/controllers/UserController.php";
require_once ROOT_DIR . "/resources/SMTemplate.php";

/* Pass an empty $contents array to the controller.
 * The controller fills it with its contents and gives it back to the template. */
$contents = array();

$requestedUrl = $_SERVER['REQUEST_URI'];
$parsedRequestedUrl = parse_url($requestedUrl, PHP_URL_PATH);
$parsedRequestedUrl = strtolower($parsedRequestedUrl); // lower-case the whole path so routing is not case sensitive
$uri1Parts = explode("/", $parsedRequestedUrl);

/* Default both route parts to the empty route so they are always defined.
 * explode() puts the third path segment at index 3, so the controller is the
 * third segment (the app apparently lives two directories below the web root). */
$controllerString = '';
$methodString = '';

if (isset($uri1Parts[3])) {
    $controllerString = $uri1Parts[3];

    if (isset($uri1Parts[4])) {
        $methodString = $uri1Parts[4];
    }
}

switch ($controllerString) {

    case '':
        $controller = new DocumentController($contents);
        $template = $controller->goToIndex();
        $contents = $controller->getContents();
        break;

    case 'documents':
        $controller = new DocumentController($contents);
        switch ($methodString) {

            case '':
                $template = $controller->viewDocuments();
                $contents = $controller->getContents();
                break;

            case 'documentslistforsharer':
                $template = $controller->documentslistforsharer();
                $contents = $controller->getContents();
                break;

            case 'listdocumentsresponsegrid':
                $responseGrid = $controller->listDocumentsResponseGrid(); // actually echoes its output directly, for ajax
                $contents = $controller->getContents();
                break;

            case 'create_start':
                $template = $controller->createStart();
                $contents = $controller->getContents();
                break;

            case 'create':
                $redirect = $controller->createDocument();
                $contents = $controller->getContents();
                break;
        }
        break;

    case 'users':
        $controller = new UserController($contents);
        switch ($methodString) {

            case '':
                $template = $controller->goToIndex();
                $contents = $controller->getContents();
                break;

            case 'create_start':
                $template = $controller->createStart();
                $contents = $controller->getContents();
                break;

            case 'create':
                $template = $controller->createUser();
                $contents = $controller->getContents();
                break;

            case 'authenticate':
                $contents = $controller->getContents();
                $redirect = $controller->authenticateUser();
                //$template = $controller->authenticateUser();

                break;
        }
        break;
}

/* If the controller call returns a value in a $template variable, the front controller
 * renders the template. If the value is returned in a $redirect variable, the front
 * controller redirects the user to the url inside it. */

if (isset($template)) {
    $tpl = new SMTemplate();
    $tpl->render($template, $contents);
} elseif (isset($redirect)) {
    $parsedUrl = parse_url($redirect, PHP_URL_PATH);
    $urlParts = explode("/", $parsedUrl);
    // The split path is in $urlParts (the original read the undefined $parts); guard the index.
    $redirectMethod = isset($urlParts[4]) ? $urlParts[4] : '';
    // Checks if the fourth level of the url refers to the authenticate method or not.
    if ($redirectMethod == "authenticate") {
        header("Location: http://localhost/blabla");
        exit();
    } else {
        header("Location: " . $redirect);
        exit();
    }
}

How should I implement the USERS - ROLES - SERVICES structure?

Should I populate the services table in the database with URLs like "documents/create" and check whether the user + role has been granted that service? I don't really like it... I think authentication should be done in the specific controller, not in the front controller.

Do you have any suggestions?
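One way to build the USERS - ROLES - SERVICES check the question asks about, as an added example that is not the poster's code: services are named after the route that performs them ("controller/method", with an assumed "controller/view" name for the empty method), roles are granted services through a join table, and the front controller consults that table before it dispatches, denying anything that is not explicitly public or granted. The table names, the service-naming convention, the function names and the in-memory SQLite database with its rows are all assumptions constructed for this example; it needs PHP 7.1+ with the pdo_sqlite extension.

```php
<?php
// Added example, not the poster's code: a deny-by-default USERS - ROLES - SERVICES
// check run by the front controller before it dispatches to a controller.
// Table names, service naming and the sample rows are assumptions for this example.
declare(strict_types=1);

function buildSampleDb(): PDO
{
    $db = new PDO('sqlite::memory:');                       // constructed sample data, not a real DB
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    // A service is one thing a user may do, named after the route that does it.
    $db->exec('CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL)');
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL,
                                   password_hash TEXT NOT NULL,
                                   role_id INTEGER NOT NULL REFERENCES roles(id))');
    $db->exec('CREATE TABLE services (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL)');
    $db->exec('CREATE TABLE role_services (role_id INTEGER NOT NULL REFERENCES roles(id),
                                           service_id INTEGER NOT NULL REFERENCES services(id),
                                           PRIMARY KEY (role_id, service_id))');

    $db->exec("INSERT INTO roles (id, name) VALUES (1, 'admin'), (2, 'editor')");
    $db->exec("INSERT INTO services (id, name) VALUES
               (1, 'documents/view'), (2, 'documents/create'), (3, 'documents/delete'), (4, 'users/create')");
    // admin is granted everything; editor may only view and create documents
    $db->exec('INSERT INTO role_services VALUES (1,1), (1,2), (1,3), (1,4), (2,1), (2,2)');

    // Passwords are stored only as password_hash() output, never in clear.
    $stmt = $db->prepare('INSERT INTO users (id, username, password_hash, role_id) VALUES (?, ?, ?, ?)');
    $stmt->execute([1, 'alice', password_hash('alice-secret', PASSWORD_DEFAULT), 1]);
    $stmt->execute([2, 'bob',   password_hash('bob-secret',   PASSWORD_DEFAULT), 2]);
    return $db;
}

// Routes that need no login at all. Everything else requires a logged-in user
// AND a row in role_services; an unknown route is therefore denied, not allowed.
const PUBLIC_SERVICES = ['/', 'users/authenticate'];

// Map the parsed URL parts to the service name stored in the services table
// (assumed convention: empty method means "<controller>/view").
function serviceName(string $controller, string $method): string
{
    if ($controller === '') {
        return '/';
    }
    return $method === '' ? $controller . '/view' : $controller . '/' . $method;
}

// Verify a login; returns the user id or null. Uses password_verify, never a string compare.
function authenticate(PDO $db, string $username, string $password): ?int
{
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return (int) $row['id'];
}

// The authorization check: one parameterized query joining user -> role -> services.
function isAuthorized(PDO $db, ?int $userId, string $service): bool
{
    if (in_array($service, PUBLIC_SERVICES, true)) {
        return true;
    }
    if ($userId === null) {
        return false;                                      // not logged in and not a public route
    }
    $stmt = $db->prepare(
        'SELECT COUNT(*) FROM users u
           JOIN role_services rs ON rs.role_id = u.role_id
           JOIN services s       ON s.id = rs.service_id
          WHERE u.id = ? AND s.name = ?'
    );
    $stmt->execute([$userId, $service]);
    return (int) $stmt->fetchColumn() > 0;
}

// What the front controller would do right before its switch on $controllerString.
// $userId would normally come from the session after authenticate() succeeded.
function gate(PDO $db, ?int $userId, string $controller, string $method): string
{
    $service = serviceName(strtolower($controller), strtolower($method));
    if (!isAuthorized($db, $userId, $service)) {
        return $userId === null ? '302 -> /users/login' : '403 Forbidden';
    }
    return 'dispatch ' . $service;
}

$db  = buildSampleDb();
$bob = authenticate($db, 'bob', 'bob-secret');           // editor role
echo gate($db, $bob,  'documents', 'create'), PHP_EOL;    // granted to editor
echo gate($db, $bob,  'documents', 'delete'), PHP_EOL;    // not granted to editor
echo gate($db, null,  'documents', ''), PHP_EOL;          // anonymous on a non-public route
echo gate($db, null,  'users', 'authenticate'), PHP_EOL;  // public route
var_dump(authenticate($db, 'bob', 'wrong-password'));     // bad password
```

Running it with `php example.php` exercises the four cases the front controller has to distinguish: an anonymous request to a public route, an anonymous request to a protected route, a logged-in user with the grant, and a logged-in user without it. Doing the check once in the front controller, keyed on the same "controller/method" string the router already computes, is what makes deny-by-default possible: a new action that nobody has added to the services table is refused until someone grants it, whereas a check written inside each controller method is only as complete as the last developer who remembered to add it.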

0 answers:

No answers