最受欢迎

EzPublish用户:如何在标准symfony控制器前使用EzPublish访问控制

EzPublish users : how to use ezPublish access control in front standard symfony controller

本文关键字:EzPublish 控制器 访问控制 symfony 标准 用户 | 更新日期: 2023-09-27

我只在管理端使用ezPublish 5.3。我想做的是在后台管理用户/用户组/角色,并控制他们对FOSRestBundle设计的API的访问。

这是我的保证金。yml: 

security:
    providers:
        ezpublish:
            id: ezpublish.security.user_provider
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        my_api:
            pattern: ^/api/v[0-9]+
            stateless: true
            ezpublish_http_basic:
                realm: eZ Publish REST API
        ezpublish_front:
            pattern: ^/
            anonymous: ~
            ezpublish_rest_session: ~
            form_login:
                require_previous_session: false
            logout: ~
        default:
            anonymous: ~

这是我想在控制器中做的:

<?php
namespace Acme'AppBundle'Controller;
use FOS'RestBundle'Controller'FOSRestController;
class ItemsController extends FOSRestController
{
    public function postItemsAction(Request $request)
    {
        if (!$this->get('security.authorization_checker')->isGranted('EZ_CUSTOM_ROLE')) {
            throw new 'Exception('No Auth');
        }
        //... do something
     }
}

我得到了这样的回应:

{
  "code": 0,
  "message": "User 'USER_LOGIN' doesn't have user/login permission to SiteAccess 'site'"
}

我怎么才能做到呢?如何检索用户角色

在分析器中,我可以看到,当我对该操作执行具有基本权限的标准POST时,用户连接到默认的Symfony角色ROLE_USER

我的解决方案是:

<?php
namespace Acme'AppBundle'Controller;
use FOS'RestBundle'Controller'FOSRestController;
use eZ'Publish'API'Repository'Values'User'RoleAssignment;
use eZ'Publish'API'Repository'Values'User'User;
class ItemsController extends FOSRestController
{
    public function postItemsAction(Request $request)
    {
        if (!$this->isUserRoleGranted()) {
            throw new 'Exception('No Auth');
        }
        //... do something
     }
    private function isUserRoleGranted()
    {
        $user = $this->getCurrentUser();
        if ($user instanceof User) {
            $roleService = $this->get('ezpublish.api.repository')->getRoleService();
            $roles       = $roleService->getRoleAssignmentsForUser($user, true);
            if (is_array($roles) && !empty($roles)) {
                foreach ($roles as $role) {
                    if ($role instanceof RoleAssignment) {
                        $roleIdentifier = $role->getRole()->__get('identifier');
                        if (is_string($roleIdentifier) && $roleIdentifier === 'EZ_CUSTOM_ROLE') {
                            return true;
                        }
                    }
                }
            }
        }
        return false;
    }
    private function getCurrentUser()
    {
        return $this->get('ezpublish.api.repository')->getUserService()->loadUser(
            $this->get('ezpublish.api.repository')->getPermissionResolver()->getCurrentUserReference()->getUserId()
        );
    }
}
相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习