Zend ACL - 将权限转换为公共权限

时间:2015-01-26 11:53:37

标签: php zend-framework acl

我的项目需要一个ACL,我已经看过Alexander Romanenko'video我一直在研究Zend ACL,这似乎可以满足我的需求。它太棒了,我已经实现了这个:

models / LibraryAcl.php:

<?php
class Model_LibraryAcl extends Zend_Acl
{
    public function __construct()
    {

        $this ->add (new Zend_Acl_Resource('index'));
        $this ->add (new Zend_Acl_Resource('authentication','login'));
        $this-> add (new Zend_Acl_Resource('list'),'books');

        $this->addRole(new Zend_Acl_Role('user'));
        $this->addRole(new Zend_Acl_Role('admin'),'user');

        $this->allow ('user','user');
        $this->allow ('user','index');
        $this ->allow('admin','books', 'list' ));

    }
}


插件/ AccessCheck.php:

<?php 
class Plugin_AccessCheck extends  Zend_Controller_Plugin_Abstract{

    private $_acl = null;
    private $_auth = null;

    public function __construct(Zend_Acl $acl , Zend_Auth $auth){
        $this->_acl = $acl;
        $this->_auth = $auth;
    }


    public function preDispatch(Zend_Controller_Request_Abstract $request){
        $resource = $request->getControllerName();
        $action = $request->getActionName();
        $identity = $this->_auth->getStorage()->read();
        $role = $identity->role;

        if (!$this->_acl ->isAllowed($role,$resource,$action) ){
                $request->setControllerName('authentication')
                        ->setActionName('login');

        } 
    }
}

我想要的是允许所有人(管理员,用户和尚未登录的人)访问登录页面(身份验证/登录 - &gt;控制器名称:身份验证,操作名称:登录)

更新:
我发现我必须使用guest作为角色并为此角色设置权限。

2 个答案:

答案 0 :(得分:1)

$this->addRole(new Zend_Acl_Role('guest'));
$this->addRole(new Zend_Acl_Role('user'), 'guest');
$this->addRole(new Zend_Acl_Role('admin'), 'user');

$this->allow('guest', 'authentication', 'login');

答案 1 :(得分:1)

更改 AccessCheck.php:

<?php 
class Plugin_AccessCheck extends  Zend_Controller_Plugin_Abstract{

    const UNAUTHORIZED_ACCESS = 'UNAUTHORIZED_ACCESS';

    public function preDispatch(Zend_Controller_Request_Abstract $request){
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()){
            $role = $auth->getIdentity();
        }else{
             $role = 'guest';
        }
        $acl = new Model_LibraryAcl();
        $resource = $request->getControllerName();
        $action = $request->getActionName();


        if ($acl->isAllowed($role,$resource,$action) ){

                $request->setControllerName('authentication')
                        ->setActionName('login');

        } 
    }
}

并将其添加到 LibraryAcl.php

$this->addRole(new Zend_Acl_Role('guest'));
$this->addRole(new Zend_Acl_Role('user'), 'guest');
$this->addRole(new Zend_Acl_Role('admin'), 'user');

$this->allow('guest', 'authentication', 'login');