我做错了我想,我想限制对模块的访问。只有登录用户才能访问tijdmachine模块。
这是我的module.config.php:
<?php
namespace Tijdmachine;
return array(
'resource_providers' => array(
'BjyAuthorizeProviderResourceConfig' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorizeProviderRuleConfig' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
'view_manager' => array(
'template_path_stack' => array(__DIR__ . '/../view')
),
'controllers' => array(
'invokables' => array(
'Tijdmachine\Controller\IndexController' => 'Tijdmachine\Controller\IndexController',
)
),
'router' => array(
'routes' => array(
'tijdmachine' => array(
'resource' => 'tijdmachine',
'privilege' => 'index',
'type' => 'segment',
'options' => array(
'route' => '/tijdmachine',
// <---- url format module/action/id
'constraints' => array(
'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
'id' => '[0-9]+',
),
'defaults' => array(
'controller' => 'Tijdmachine\Controller\IndexController',
// <--- Defined as the module controller
'action' => 'index',
// <---- Default action
),
),
),
),
),
);
我定义了一个资源,一个特权,并在我的路线中命名了它们。但是,如果我去了特定网址,我仍然会在没有登录的情况下看到所有信息。我做错了什么?
提前致谢!
答案 0 :(得分:1)
如the documentation中所述,您需要在配置中使用类名:
return array(
'resource_providers' => array(
'BjyAuthorize\Provider\Resource\Config' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorize\Provider\Rule\Config' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
...
'guards' => array(
/* If this guard is specified here (i.e. it is enabled], it will block
* access to all routes unless they are specified here.
*/
\BjyAuthorize\Guard\Route::class => array(
['route' => 'tijdmachine', 'roles' => ['user']],
),
),
);