Allow controller actions without authentication in Zend 2

Time: 2015-09-24 15:04:31

Tags: php cron zend-framework2 acl

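I am new to Zend and working on Zend 2. I have cron job functions that send some automatic notifications. The functions are ready, and they are set up in cron (Linux server).

Now, when these functions are called, they are redirected to the Login action. I should now allow these specific notification functions to skip this authentication process.

In CakePHP, we have NSUserDefaults.standardUserDefaults().registerDefaults(["UserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A"]), which allows actions to work without the login action. Is there a way to do this in Zend 2?

I found something similar at this link, but it does not say where to mention the action names in the ACL.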

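1 answer:

Answer 0 (score: 0)

This is how I manage it with custom ACL code:

In my User module I placed the ACL configuration to manage access to resources for 3 different roles: guest, member, admin.

module.config.php has the following "acl" key: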

'acl' => array(
    'role' => array(
        'guest' => null,
        'member' => array('guest'),
        'admin' => null,
    ),
    // List of modules to apply the ACL. This is how we can specify if we have to protect the pages in our current module.
    'modules' => array(
        'User',
        'Application'
    ),
    'resource_aliases' => array(
        'User\Controller\Account' => 'account',
        ...
    ),
    'resource' => array(
        // resource -> single parent
        'account' => null,
        'log' => null
        ...
    ),
    'allow' => array(
        array('guest', 'log', array('in', 'out')),
        array('guest', 'account', array('register', 'verify', 'recovery', 'verificationprogress')),
        ...
        array('admin', null, null), // the admin can do anything with the accounts
    ),
    'deny' => array(
    ),
    'defaults' => array(
        'guest_role' => 'guest',
        'member_role' => 'member',
        'admin_role' => 'admin',
    ),
)

In the onBootstrap method of Module.php:

...
$eventManager = $event->getApplication()->getEventManager();
$eventManager->attach(MvcEvent::EVENT_ROUTE, array($this, 'protectPage'), -100);
...

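The protectPage function looks like this:

// Needs these imports at the top of Module.php (the AclException alias is an assumption):
// use Zend\Mvc\MvcEvent;
// use Zend\Session\Container;
// use Zend\Permissions\Acl\Exception\ExceptionInterface as AclException;
public function protectPage(MvcEvent $event) {
    $match = $event->getRouteMatch();
    if (!$match) {
        // no route matched: onDispatchError does the job
        return;
    }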

    $controller = $match->getParam('controller');
    $action = $match->getParam('action');
    $namespace = $match->getParam('__NAMESPACE__');

    $parts = explode('\\', $namespace);
    $moduleNamespace = $parts[0];

    $services = $event->getApplication()->getServiceManager();
    $config = $services->get('config');

    // check if the current module wants to use the ACL
    $aclModules = $config['acl']['modules'];
    if (!empty($aclModules) && !in_array($moduleNamespace, $aclModules)) {
        return;
    }

    $auth = $services->get('auth');
    $acl = $services->get('acl');

    // get the role of the current user
    $session = new Container("appData");
    $role = "guest";
    if (isset($session->user->role))
        $role = $session->user->role;

    // Get the short name of the controller and use it as resource name
    // Example: User\Controller\Course -> course
    $resourceAliases = $config['acl']['resource_aliases'];
    if (isset($resourceAliases[$controller])) {
        $resource = $resourceAliases[$controller];
    } else {
        $resource = strtolower(substr($controller, strrpos($controller, '\\') + 1));
    }

    // If a resource is not in the ACL add it
    if (!$acl->hasResource($resource)) {
        $acl->addResource($resource);
    }
    try {
        // if the role is allowed to pass
        if ($acl->isAllowed($role, $resource, $action)) {
            // do whatever you need since the user is allowed to access this resource
        } else {
            // send the user to the log/in resource
        }
    } catch (AclException $ex) {
        // @todo: log the missing resource in the warning log
        // nothing is denied here, so the request continues to the controller
    }

}

I hope it helps.
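
The answer shows the "acl" config and the protectPage check, but not how a cron notification action gets whitelisted. The following is an added example, not the answerer's code: it builds a Zend\Permissions\Acl\Acl from the same config shape and checks which requests a guest may reach. It assumes zend-permissions-acl is installed through Composer; the `notification` resource, its `send` action and the `buildAcl` helper are hypothetical names.

```php
<?php
// Added example. Assumptions: Composer autoloader present; the 'notification'
// resource, the 'send'/'purge' actions and buildAcl() are hypothetical.
require 'vendor/autoload.php';

use Zend\Permissions\Acl\Acl;

// Same shape as the 'acl' key in module.config.php, trimmed to what is needed here.
$config = array(
    'role' => array('guest' => null, 'member' => array('guest'), 'admin' => null),
    'resource' => array('account' => null, 'log' => null, 'notification' => null),
    'allow' => array(
        array('guest', 'log', array('in', 'out')),
        // Only the exact cron action is opened to unauthenticated callers.
        array('guest', 'notification', array('send')),
        array('admin', null, null),
    ),
);

function buildAcl(array $config)
{
    $acl = new Acl(); // denies everything until a rule allows it
    foreach ($config['role'] as $role => $parents) {
        $acl->addRole($role, $parents);      // parents must be added first
    }
    foreach ($config['resource'] as $resource => $parent) {
        $acl->addResource($resource, $parent);
    }
    foreach ($config['allow'] as $rule) {
        list($role, $resource, $privileges) = $rule;
        $acl->allow($role, $resource, $privileges); // null means "all"
    }
    return $acl;
}

$acl = buildAcl($config);
$checks = array(
    array('guest', 'notification', 'send'),   // the cron action
    array('guest', 'notification', 'purge'),  // same controller, not whitelisted
    array('guest', 'account', 'edit'),
    array('member', 'notification', 'send'),  // inherited from guest
    array('admin', 'account', 'edit'),
);
foreach ($checks as $check) {
    list($role, $resource, $action) = $check;
    $verdict = $acl->isAllowed($role, $resource, $action) ? 'allow' : 'deny';
    printf("%-6s %-12s %-6s %s\n", $role, $resource, $action, $verdict);
}
```

Any privilege granted to guest is reachable by every unauthenticated HTTP client, not only by cron, so keep the list to the exact actions cron needs. Running the jobs through a ZF2 console route instead keeps them off the web entirely.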