我想允许资源在Zend框架中使用ACL扮演角色
我有模块权限和帐户。
权限模块具有用户和权限控制器。每个控制器都有索引、查看和编辑操作。
如何将操作资源授予角色?我面临的问题是我可以授予对整个模块的访问权限,但我无法授予对控制器中特定操作的访问权限。
$this->addRole(new Zend_Acl_Role('admin'));
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privileges-privilege'))
->add(new Zend_Acl_Resource('privileges-users'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('default'));
$this->deny('admin'); //deny every thing
$this->allow('admin', 'account');
$this->allow('admin', 'privileges-privilege' , array('index','view','edit'));
我也做了另一种方式
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privilege'), 'privileges')
->add(new Zend_Acl_Resource('Privilege'),array('index','view','edit'))
->add(new Zend_Acl_Resource('users', 'privileges'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('account:account'), 'account')
->add(new Zend_Acl_Resource('default'));
$this->deny('admin'); //deny every thing
$this->allow('admin', 'account');
$this->allow('admin', 'Privilege', array('index','view','edit'));
但它不起作用,使两种方式都会导致相同的问题,即不授予对权限模块的任何访问权限! 并且只允许帐户模块。
我做到了,我在模块和控制器之间做连接,我做这样
模块名称-控制器名称 .
我将角色和串联的模块和控制器作为资源传递,操作是特权。
if (!$this->_acl->isAllowed($role, $request->getModuleName() . '-' . $request->getControllerName(), $request->getActionName())) {
$request->setModuleName('account')
->setControllerName('account')
->setActionName('error');
return false;
}
以及我如何添加资源
$this->add(new Zend_Acl_Resource('privileges'))
->add(new Zend_Acl_Resource('privileges-privilege'))
->add(new Zend_Acl_Resource('privileges-users'))
->add(new Zend_Acl_Resource('privileges-index'))
->add(new Zend_Acl_Resource('account'))
->add(new Zend_Acl_Resource('account-account'))
->add(new Zend_Acl_Resource('default'))
->add(new Zend_Acl_Resource('error'))
->add(new Zend_Acl_Resource('default-index'));
// $this->allow('admin'); //allow every thing
$this->allow('admin', 'account-account');
$this->allow('admin', 'default');
$this->allow('admin', 'default-index');
$this->allow('admin', 'privileges-users', array('index','add-User','get-Group-Users'));
$this->allow('admin', 'privileges-index', 'index');
$this->allow('admin', 'privileges-privilege', array('index', 'get-privileges', 'update-privileges','get-User-Privileges','get-Group-Privileges'));