douhu2525 2012-05-15 11:33
浏览 24
已采纳

允许操作资源发挥作用

I want to allow resource to role using ACL in Zend framework

I have modules privileges and account.

privileges module has users and privilege controllers. each controller has index, view and edit actions.

How can I grant action aresource to role? The problem I face that I can grant access to whole module but I can't give access to specific action in controller.. 

    $this->addRole(new Zend_Acl_Role('admin'));

    $this->add(new Zend_Acl_Resource('privileges'))
            ->add(new Zend_Acl_Resource('privileges-privilege'))
            ->add(new Zend_Acl_Resource('privileges-users'))
            ->add(new Zend_Acl_Resource('account'))
            ->add(new Zend_Acl_Resource('default'));


    $this->deny('admin'); //deny every thing
    $this->allow('admin', 'account');
    $this->allow('admin', 'privileges-privilege' , array('index','view','edit'));

and also I make another way 

 $this->add(new Zend_Acl_Resource('privileges'))
      ->add(new Zend_Acl_Resource('privilege'), 'privileges')
       ->add(new Zend_Acl_Resource('Privilege'),array('index','view','edit'))
      ->add(new Zend_Acl_Resource('users', 'privileges'))
      ->add(new Zend_Acl_Resource('account'))
      ->add(new Zend_Acl_Resource('account:account'), 'account')
      ->add(new Zend_Acl_Resource('default'));

     $this->deny('admin'); //deny every thing
    $this->allow('admin', 'account');
      $this->allow('admin', 'Privilege', array('index','view','edit'));

but it doesn't work, making both ways cause the same problem, which not granting any access to privilege module! and just allow account module..

  • 写回答

1条回答 默认 最新

  • dqst96444 2012-05-16 11:31
    关注

    I make it, I make concatenation between module and controller, I make like this

    moduleName-ControllerName .

    I pass role and the concatenated module and controller as resources and action is the privilege.

         if (!$this->_acl->isAllowed($role, $request->getModuleName() . '-' . $request->getControllerName(), $request->getActionName())) {
                $request->setModuleName('account')
                ->setControllerName('account')
                ->setActionName('error');
                 return false;
    }

    and here how I add the resources

          $this->add(new Zend_Acl_Resource('privileges'))
            ->add(new Zend_Acl_Resource('privileges-privilege'))
            ->add(new Zend_Acl_Resource('privileges-users'))
            ->add(new Zend_Acl_Resource('privileges-index'))
            ->add(new Zend_Acl_Resource('account'))
              ->add(new Zend_Acl_Resource('account-account'))
            ->add(new Zend_Acl_Resource('default'))
            ->add(new Zend_Acl_Resource('error'))
            ->add(new Zend_Acl_Resource('default-index'));



    // $this->allow('admin'); //allow every thing
    $this->allow('admin', 'account-account');
    $this->allow('admin', 'default');
    $this->allow('admin', 'default-index');
    $this->allow('admin', 'privileges-users', array('index','add-User','get-Group-Users'));
    $this->allow('admin', 'privileges-index', 'index');
    $this->allow('admin', 'privileges-privilege', array('index', 'get-privileges', 'update-privileges','get-User-Privileges','get-Group-Privileges'));
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 idea运行测试代码报错问题
  • ¥15 网络监控:网络故障告警通知
  • ¥15 django项目运行报编码错误
  • ¥15 请问这个是什么意思?
  • ¥15 STM32驱动继电器
  • ¥15 Windows server update services
  • ¥15 关于#c语言#的问题:我现在在做一个墨水屏设计,2.9英寸的小屏怎么换4.2英寸大屏
  • ¥15 模糊pid与pid仿真结果几乎一样
  • ¥15 java的GUI的运用
  • ¥15 我想付费需要AKM公司DSP开发资料及相关开发。