我正在尝试关注Phalcon PHP中的online tutorial,并且我正处于创建ACL的阶段,并根据用户的角色设置权限(来自会话变量)。
但是,即使用户登录并且他们的角色从guest更改为user,权限文件似乎也没有正确设置其权限,因此他们不会转发给他们仪表板,而是回退到登录屏幕。
Permissions.php
use Phalcon\Mvc\Dispatcher;
use Phalcon\Events\Event;
use Phalcon\Acl;
class Permission extends Phalcon\Mvc\User\Plugin
{
const GUEST = 'guest';
const USER = 'user';
const ADMIN = 'admin';
protected $_publicResources = [
'index' => '*',
'login' => '*'
];
protected $_userResources = [
'dashboard' => ['*'],
'logout' => ['*']
];
protected $_adminResources = [
'admin' => ['*']
];
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
$role = $this->session->get('role');
if (!$role) {
$role = self::GUEST;
}
$controller = $dispatcher->getControllerName();
$action = $dispatcher->getActionName();
$acl = $this->_getAcl();
$allowed = $acl->isAllowed($role, $controller, $action);
if ($allowed != Acl::ALLOW) {
$this->response->redirect('login/');
return false;
}
}
protected function _getAcl()
{
if (!isset($this->persistent->acl)) {
$acl = new Acl\Adapter\Memory();
$acl->setDefaultAction(Acl::DENY);
$roles = [
self::GUEST => new Acl\Role(self::GUEST),
self::USER => new Acl\Role(self::USER),
self::ADMIN => new Acl\Role(self::ADMIN)
];
foreach ($roles as $role) {
$acl->addRole($role);
}
foreach ($this->_publicResources as $resource => $action) {
$acl->addResource(new Acl\Resource($resource), $action);
}
foreach ($this->_userResources as $resource => $action) {
$acl->addResource(new Acl\Resource($resource), $action);
}
foreach ($this->_adminResources as $resource => $action) {
$acl->addResource(new Acl\Resource($resource), $action);
}
foreach ($roles as $role) {
foreach ($this->_publicResources as $resource => $action) {
$acl->allow($role->getName(), $resource, '*');
}
}
foreach ($this->_userResources as $resource => $actions) {
foreach ($actions as $action) {
$acl->allow(self::USER, $resource, $action);
$acl->allow(self::ADMIN, $resource, $action);
}
}
foreach ($this->_adminResources as $resource => $actions) {
foreach ($actions as $action) {
$acl->allow(self::ADMIN, $resource, $action);
}
}
$this->persistent->acl = $acl;
}
return $this->persistent->acl;
}
}
如果我print_r($acl),这就是我得到的:
Phalcon\Acl\Adapter\Memory Object
(
[_eventsManager:protected] =>
[_defaultAccess:protected] => 0
[_accessGranted:protected] => 1
[_activeRole:protected] => user
[_activeResource:protected] => index
[_activeAccess:protected] => index
[_rolesNames:protected] => Array
(
[guest] => 1
[user] => 1
[admin] => 1
)
[_roles:protected] => Array
(
[0] => Phalcon\Acl\Role Object
(
[_name:protected] => guest
[_description:protected] =>
)
[1] => Phalcon\Acl\Role Object
(
[_name:protected] => user
[_description:protected] =>
)
[2] => Phalcon\Acl\Role Object
(
[_name:protected] => admin
[_description:protected] =>
)
)
[_resourcesNames:protected] => Array
(
[*] => 1
[index] => 1
[login] => 1
[dashboard] => 1
[logout] => 1
[admin] => 1
)
[_resources:protected] => Array
(
[0] => Phalcon\Acl\Resource Object
(
[_name:protected] => index
[_description:protected] =>
)
[1] => Phalcon\Acl\Resource Object
(
[_name:protected] => login
[_description:protected] =>
)
[2] => Phalcon\Acl\Resource Object
(
[_name:protected] => dashboard
[_description:protected] =>
)
[3] => Phalcon\Acl\Resource Object
(
[_name:protected] => logout
[_description:protected] =>
)
[4] => Phalcon\Acl\Resource Object
(
[_name:protected] => admin
[_description:protected] =>
)
)
[_access:protected] => Array
(
[guest!*!*] => 0
[user!*!*] => 0
[admin!*!*] => 0
[guest!index!*] => 1
[guest!login!*] => 1
[user!index!*] => 1
[user!login!*] => 1
[admin!index!*] => 1
[admin!login!*] => 1
)
[_roleInherits:protected] =>
[_accessList:protected] => Array
(
[*!*] => 1
[index!*] => 1
[login!*] => 1
[dashboard!*] => 1
[logout!*] => 1
[admin!*] => 1
)
[_func:protected] =>
[_noArgumentsDefaultAction:protected] => 1
)