如何在zend frawork2中通过out身份验证使自定义控制器和操作可用
如何在zend frawork2中通过out身份验证使自定义控制器和操作可用
提问于 2017-02-17 07:38:27
我已经创建了一个自定义控制器和动作init。现在我想以访问者的身份访问这个控制器(没有登录)。
我的自定义控制器:
class Default_mycustomController extends Zend_Controller_Action
{
public function downloadAction()
{
}
}我在"AccessControl.php“中提到了这个控制器,如下所示
$acl->addResource(new Zend_Acl_Resource('default:mycustom'));
$acl->allow('role-assigned', 'default:mycustom', array('index','download'));当我请求权限时,"AccessControl.php“文件将重写与自定义控制器相关的代码。
如果不在acesscontrol.php文件中添加上述代码。我面临身份验证问题。
如何创建自定义控制器和操作,以便我可以使用out登录访问它,并且不应该在访问控制文件中覆盖
提前感谢
回答 1
Stack Overflow用户
发布于 2017-02-17 09:06:59
This is how i do my ACL controller plugin that has roles + resources where resources are combos of {{module}}_{{controller}} => array({{actions}})
<?php
class My_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// set up acl
$obj_acl = new Zend_Acl();
// add the roles
$obj_acl->addRole(new Zend_Acl_Role('guest'));
$obj_acl->addRole(new Zend_Acl_Role('member'), 'guest');
$obj_acl->addRole(new Zend_Acl_Role('admin'), 'member');
// define all role/resource/actions
$arr_role_resources = array(
// role => array of resources
'guest' => array(
'default_index' => array('index', 'about-us', 'testimonials', 'interns', 'staff', 'contact-us'),
'default_error' => array('error', 'denied'),
'default_account' => array('index', 'login', 'register', 'logout', 'forgot-password'),
'store_index' => array('index'),
'store_category' => array('index', 'list', 'view'),
'store_search' => array('index', 'results',),
'store_product' => array('index', 'view', 'ajax-variant'),
'store_cart' => array('index', 'view', 'empty', 'checkout', 'payment', 'review', 'confirmation', 'apply-coupon'),
'store-admin_index' => array('login')
),
'member' => array(
'default_account' => array('index', 'me', 'update', 'change-password', 'orders', 'view-order'),
),
'admin' => array(
'store-admin_index' => array('index'),
'store-admin_category' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_customers' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_customer-group' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_orders' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_product' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_coupon' => array('index', 'list', 'create', 'update', 'delete'),
'store-admin_import' => array('index', 'list', 'create', 'update', 'delete'),
)
);
// create a list of registered resources
$registered_resources = array();
// add the resources for each role
foreach($arr_role_resources as $role => $arr_resource)
{
foreach($arr_resource as $name_resource => $subset)
{
// If the resource hasn't been added add it
if(!in_array($name_resource, $registered_resources))
{
// register the resource
$obj_acl->add(new Zend_Acl_Resource($name_resource));
// remember that we registered this resource
$registered_resources[] = $name_resource;
}
// add the subset of privileges this role has for this resource
$obj_acl->allow($role, $name_resource, $subset);
}
}
// Admin can do anything by default
$obj_acl->allow('admin', null);
// fetch the current user's role
$obj_auth = Zend_Auth::getInstance();
$role = 'guest';
if($obj_auth->hasIdentity())
{
$role = strtolower($obj_auth->getIdentity()->role);
}
try
{
// requested resource
$resource = $request->module . '_' . $request->controller;
$action = $request->action;
// Check to see if user's role has access to the current resource
if(!$obj_acl->isAllowed($role, $resource, $action))
{
// direct users to an error page
if($request->module == 'store-admin')
{
$request->setModuleName('store-admin');
$request->setControllerName('index');
$request->setActionName('login');
}
else
{
$request->setControllerName('error');
$request->setActionName('denied');
}
}
}
catch(Zend_Acl_Exception $e) {
echo $e->getMessage();
// direct users to an error page
if($request->module == 'store-admin')
{
$request->setModuleName('store-admin');
$request->setControllerName('index');
$request->setActionName('login');
}
else
{
$request->setControllerName('error');
$request->setActionName('denied');
}
}
}
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/42292085
复制相关文章
相似问题
腾讯云开发者
