2012-04-10 37 views
0

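Zend Framework ACL for the admin section of a site

OK, I have my ZF application with a user login system that directs users to a restricted area if their credentials are in the database. However, I want to use the same login form to check whether the user's role is admin (in the database) and, if so, direct them straight to the admin section... I'm struggling to get my head around how to do this with Zend_Acl. The only use for the ACL is to allow users with the admin role into the admin section. I'm fairly new to ZF, so I'm not sure what the best approach is. Here is my current code for the AuthController: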

http://codepaste.net/6hzydv

Thanks

Answers

2

You can create a controller plugin that decides whether the user has permission to access a controller/view based on his role. Something like:

class My_Controller_Plugin_Auth extends Zend_Controller_Plugin_Abstract 
{ 
    public function preDispatch(Zend_Controller_Request_Abstract $request) 
    { 
     $auth = Zend_Registry::getInstance()->get('auth'); 
     $acl = new Zend_Acl(); 

     // for default module 
     if ($request->getModuleName() == 'default') { 

      // access resources (controllers) 
      // usually there will be more access resources 
      $acl->add(new Zend_Acl_Resource('index')); 
      $acl->add(new Zend_Acl_Resource('error')); 

      // access roles 
      $acl->addRole(new Zend_Acl_Role('guest')); 
      $acl->addRole(new Zend_Acl_Role('user')); 
      $acl->addRole(new Zend_Acl_Role('administrator')); 

      // access rules 
      $acl->allow('guest'); // allow guests everywhere 
      $acl->allow('user'); // allow users everywhere 
      $acl->allow('administrator'); // allow administrators everywhere 

      // compare (===) rather than assign (=): only approved accounts get their stored role
      $role = ($auth->getIdentity() && $auth->getIdentity()->status === 'approved') 
      ? $auth->getIdentity()->role : 'guest'; 
      $controller = $request->getControllerName(); 
      $action = $request->getActionName(); 

      if (!$acl->isAllowed($role, $controller, $action)) { 
       $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector'); 
       $redirector->gotoUrlAndExit('error/denied'); 
      } 

     } 
     // for member module 
     else if ($request->getModuleName() == 'member') { 

      // access resources (controllers) 
      // usually there will be more access resources 
      $acl->add(new Zend_Acl_Resource('index')); 
      $acl->add(new Zend_Acl_Resource('error')); 

      // access roles 
      $acl->addRole(new Zend_Acl_Role('guest')); 
      $acl->addRole(new Zend_Acl_Role('user')); 
      $acl->addRole(new Zend_Acl_Role('administrator')); 

      // access rules 
      $acl->allow('user'); // allow users everywhere 
      $acl->allow('administrator'); // allow administrators everywhere 

      // compare (===) rather than assign (=): only approved accounts get their stored role
      $role = ($auth->getIdentity() && $auth->getIdentity()->status === 'approved') 
      ? $auth->getIdentity()->role : 'guest'; 
      $controller = $request->getControllerName(); 
      $action = $request->getActionName(); 

      if (!$acl->isAllowed($role, $controller, $action)) { 
       $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector'); 
       $redirector->gotoUrlAndExit('error/denied'); 
      } 

     } 
     // for admin module 
     else if ($request->getModuleName() == 'admin') { 

      // access resources (controllers) 
      // usually there will be more access resources 
      $acl->add(new Zend_Acl_Resource('index')); 
      $acl->add(new Zend_Acl_Resource('error')); 

      // access roles 
      $acl->addRole(new Zend_Acl_Role('guest')); 
      $acl->addRole(new Zend_Acl_Role('user')); 
      $acl->addRole(new Zend_Acl_Role('administrator')); 

      // access rules 
      $acl->allow('administrator'); // allow administrators everywhere 

      // compare (===) rather than assign (=): only approved accounts get their stored role
      $role = ($auth->getIdentity() && $auth->getIdentity()->status === 'approved') 
      ? $auth->getIdentity()->role : 'guest'; 
      $controller = $request->getControllerName(); 
      $action = $request->getActionName(); 

      if (!$acl->isAllowed($role, $controller, $action)) { 
       $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector'); 
       $redirector->gotoUrlAndExit('error/denied'); 
      } 

     } 
    } 
} 

You can see a step-by-step tutorial here: http://blog.richardknop.com/2009/06/user-login-and-authentication-with-zend_auth-and-zend_acl/

+0

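I have already looked at this blog post, but I know too little about the framework to understand where each file goes. I need something with views and controllers and a more in-depth explanation.. – Rik89 2012-04-10 20:05:19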

+0

Check out 'Zend_Controller_Plugin_Acl' – Alex 2012-04-11 04:12:22

0

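Read the documentation on Zend Acl and understand how permissions are granted and how user types inherit them. Then check out this fairly simple Zend tutorial on Zend Acl & MVC

Basically you will have to do the following:

  1. Set up the ACL rules somewhere in your bootstrap
  2. error/denied.phtml (or whatever extension you are using)
  3. Zend_Controller_Plugin_Acl does the dirty work for you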
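
The three steps above, as an added example that is not code from either answer or from the linked tutorials: the ACL treats each module as one resource, so only the administrator role reaches the admin module and everything not explicitly allowed is denied. The names `buildModuleAcl` and `My_Plugin_ModuleAcl` are hypothetical; it assumes the three modules and the `role`/`status` identity fields used in the first answer, and a `denied` action on the default module's error controller.

```php
<?php
// Added example; buildModuleAcl() and My_Plugin_ModuleAcl are hypothetical names.
// Assumes the identity object carries `role` and `status`, as in the first answer.
function buildModuleAcl()
{
    $acl = new Zend_Acl();   // Zend_Acl denies anything that is not explicitly allowed
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('user'), 'guest');          // user inherits guest
    $acl->addRole(new Zend_Acl_Role('administrator'), 'user');  // administrator inherits user
    // One resource per module, so controllers added later are covered automatically.
    foreach (array('default', 'member', 'admin') as $module) {
        $acl->addResource(new Zend_Acl_Resource($module));
    }
    $acl->allow('guest', 'default');
    $acl->allow('user', 'member');
    $acl->allow('administrator', 'admin');   // only administrators reach the admin module
    return $acl;
}

class My_Plugin_ModuleAcl extends Zend_Controller_Plugin_Abstract
{
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $acl  = buildModuleAcl();
        $role = 'guest';
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $identity = $auth->getIdentity();
            // Strict comparison; an unapproved account or an unknown role stays a guest.
            if (isset($identity->status, $identity->role)
                && $identity->status === 'approved'
                && $acl->hasRole($identity->role)) {
                $role = $identity->role;
            }
        }

        $module = $request->getModuleName();
        // A module with no ACL entry is denied instead of letting isAllowed() throw.
        if (!$acl->has($module) || !$acl->isAllowed($role, $module)) {
            // Re-route to the denied page so the requested action is never dispatched.
            $request->setModuleName('default')
                    ->setControllerName('error')
                    ->setActionName('denied');
        }
    }
}
```

Register it once in the bootstrap with `Zend_Controller_Front::getInstance()->registerPlugin(new My_Plugin_ModuleAcl());` so the check runs before every dispatch.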