class Application_Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract
{
private $_auth=null;
private $_acl=null;
public function __construct() {
$auth = Zend_Auth::getInstance();
$acl = new Zend_Acl;
$this->_auth = $auth;
$this->_acl = $acl;
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$resource = $request->getControllerName();
$action = $request->getActionName();
$identity = $this->_auth->getStorage()->read();
$role = $identity->role;
if(!$this->_acl->isAllowed($role,$resource,$action)){
$request->setControllerName('Auth')
->setActionName('login');
}
//echo '<pre>';print_r('inside plugins......success');die();
}
}
This is the ACL plugin page i am using.
In this particular line
if(!$this->_acl->isAllowed($role,$resource,$action))
The function isAllowed is not taking the parameters, the url comes blank.
If i assign if(!$this->_acl->isAllowed($role=null,$resource=null,$action=null)), the page opens but it doesn't have any meaning if i set null.
Seeking for Help
I am adding the model class "AsiaAcl.php" for more clearification
class Model_Asian_Acl extends Zend_Acl{
public function __construct(){
$this->add(new Zend_Acl_Resource('data'));
$this->add(new Zend_Acl_Resource('updatecat'),'data');
$this->add(new Zend_Acl_Resource('detelecategory'),'data');
$this->add(new Zend_Acl_Resource('datas'));
$this->add(new Zend_Acl_Resource('listcat'),'datas');
$this->addRole(new Zend_Acl_Role('user'));
$this->addRole(new Zend_Acl_Role('admin'),'user');
$this->allow('user','datas','listcat');
$this->allow('admin','data','updatecat');
$this->allow('admin','data','deletecategory');
}
}
Thanks.
答案 0 :(得分:1)
我希望我不会失明,但你的ACL只是一个空洞的对象。从我看到你没有为ACL分配任何角色和访问控制。
使用isAllowed()检查角色和资源,但ACL无需检查。您必须创建/扩展自己的ACL类,或者在插件中动态分配角色和控件。
请参阅ACL Doku
<强>更新
太好了,你有自己的ACL类,但你没有使用它!
$acl = new Zend_Acl;
// this is just the empty default ACL, no roles nothing
// you should connect your own ACL class like this
$acl = new Model_Asian_Acl;
如果没有仔细查看你的ACL类,但我认为它应该有用。