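In the end I decided to go with item 3. The current application logic is such that any controller that has a MyObject among its arguments should perform the access check.
My ext_localconf.php: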
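
    // Obtain the Extbase signal/slot dispatcher
    $signalSlotDispatcher = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(
        \TYPO3\CMS\Extbase\SignalSlot\Dispatcher::class
    );
    // Run MyObjectAccessor::actionAuthorized() before every controller action
    $signalSlotDispatcher->connect(
        \TYPO3\CMS\Extbase\Mvc\Controller\ActionController::class,
        'beforeCallActionMethod',
        \MyVendor\MyExt\Slot\MyObjectAccessor::class,
        'actionAuthorized'
    );
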
The slot \MyVendor\MyExt\Slot\MyObjectAccessor for this solution:

    namespace MyVendor\MyExt\Slot;

    // MyObject, AccessViolationException and the LoggedInUserAccessor trait
    // are the extension's own; import them from their namespaces here.

    class MyObjectAccessor
    {
        use LoggedInUserAccessor;

        /**
         * @var \TYPO3\CMS\Extbase\Object\ObjectManagerInterface
         * @inject
         */
        protected $objectManager;

        /**
         * Checks whether current user is allowed to access MyObject, from provided arguments
         *
         * @param string $controller
         * @param string $action
         * @param array $arguments
         * @throws AccessViolationException
         */
        public function actionAuthorized($controller, $action, array $arguments)
        {
            foreach ($arguments as $argument) {
                // if MyObject is accessed and it was persisted before
                if (($argument instanceof MyObject) && $argument->getUid()) {
                    $loggedInUser = $this->getLoggedInUser();
                    // deny when the object's owner is not the logged-in user
                    if ($argument->getUser() !== $loggedInUser) {
                        throw new AccessViolationException(
                            'Access violation by "' . $loggedInUser->getUsername() . '" with MyObject "' . $argument->getTitle() . '"',
                            1441808407
                        );
                    }
                }
            }
        }
    }

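Cons: the slot runs on any action, so it can eat some resources.
Pros: no controller needs to know the details of the MyObject access rules.

Put all actions into their own frontend plugin and use the normal frontend user restrictions to limit the scope of these actions (you can also make two controllers if needed). – pgampe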
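
The ownership rule from the answer's slot, as a stand-alone added example (not the original poster's code) that runs on PHP 8 without TYPO3. The `User` and `MyObject` stand-in classes, the function names and the sample users are assumptions constructed here; unlike the slot, this variant compares owners by uid and denies the request when nobody is logged in or the object has no owner.

```php
<?php
// Stand-in classes constructed for this example; in the extension these are Extbase models.
final class User {
    public function __construct(private int $uid, private string $username) {}
    public function getUid(): int { return $this->uid; }
    public function getUsername(): string { return $this->username; }
}
final class MyObject {
    public function __construct(private ?int $uid, private string $title, private ?User $user) {}
    public function getUid(): ?int { return $this->uid; }
    public function getTitle(): string { return $this->title; }
    public function getUser(): ?User { return $this->user; }
}
final class AccessViolationException extends \RuntimeException {}

// Every persisted MyObject among the action arguments must belong to the
// logged-in user. Owners are compared by uid; a missing login or a missing
// owner counts as a violation, so the check fails closed.
function assertArgumentsAuthorized(array $arguments, ?User $loggedInUser): void {
    foreach ($arguments as $argument) {
        if (!($argument instanceof MyObject) || !$argument->getUid()) {
            continue; // not a MyObject, or a new one that was never persisted
        }
        $owner = $argument->getUser();
        if ($loggedInUser === null || $owner === null || $owner->getUid() !== $loggedInUser->getUid()) {
            throw new AccessViolationException(
                'Access violation by "' . ($loggedInUser?->getUsername() ?? 'anonymous')
                . '" with MyObject "' . $argument->getTitle() . '"',
                1441808407
            );
        }
    }
}

// Turns the exception into a printable result for the sample calls below.
function outcome(array $arguments, ?User $user): string {
    try {
        assertArgumentsAuthorized($arguments, $user);
        return 'allowed';
    } catch (AccessViolationException $e) {
        return 'denied: ' . $e->getMessage();
    }
}

$alice = new User(1, 'alice');
$bob = new User(2, 'bob');
$report = new MyObject(10, 'Report', $alice);                     // persisted, owned by alice
echo outcome(['x', $report], $alice), PHP_EOL;                    // owner, mixed arguments
echo outcome([$report], $bob), PHP_EOL;                           // another user's object
echo outcome([$report], null), PHP_EOL;                           // nobody logged in
echo outcome([new MyObject(null, 'Draft', null)], $bob), PHP_EOL; // not yet persisted
```

Like the slot, this only inspects top-level arguments, so a MyObject nested inside an array or another object is not checked.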