是否有任何库/解决方案可以提供对资源的部分访问?这样的权限控制如何被称为?
大多数ACL库完全允许/拒绝操作:
user.create
user.update
user.show
但如果应该有一个" partial"允许。 类似的东西:
第一个例子可能如下所示:
权限:
user.show
权限:
status => active
&&
role => guest || moderator
和第二个:
权限:
user.edit
权限:
editable => phone, mail
更新
为了使我的问题更清楚,我添加了这个用法示例,以显示(在我的想法中)它的外观。
// global access
if($user->can('user.show')){
// get the privileges provided by the permissions
$filter = $user->getPrivilegesFor('user.show');
// use the privileges to filter the (database)query
// (using the example above the filter should restrict to active guests and moderators)
$result = $repo->getUsers($filter);
}else{
// access denied
}
// use the result to fill the view
答案 0 :(得分:0)
As far as I know in most of the libraries you have option to extend the class. So you can extend the class user like
class myuser extends user{
This way you can give whatever role or permission you want for guest or moderators. You can use Codeigniter, Zend and lot of other good frameworks.
答案 1 :(得分:0)
使用Zend Framework 2,您将拥有ZfcUser
模块,该模块可与bjyauthorize
模块耦合。并且你需要一些配置。