Joe*_*473 5 php zend-framework zend-acl zend-navigation
我正在使用Zend Acl和Zend Navigation.我在引导程序中设置导航.如果用户无权访问资源,我试图让链接不显示.我已阅读了几个教程,多次浏览了zend参考手册,但导航中的所有链接仍然出现在访客用户中,即使有些只应显示给管理员用户
protected function _initNavigationMenu()
{
$this->bootstrap("layout");
$layout = $this->getResource('layout');
$view = $layout->getView();
$navigation_model = new Core_Model_Navigation();
$result = $navigation_model->getTopLevelNavigationLinksForDisplay();
$sanitized = $navigation_model->sanatizeNavigationForDisplay($result);
$config = new Zend_Config($sanitized);
$nav = new Zend_Navigation($config);
$view->navigation($nav)
->setAcl($this->_acl->acl())
->setRole((string)BW::user() -> role);
}
所有ACL角色和资源以及导航都来自数据库,以防万一
这是由$ sanitized创建的数组
Array
(
[0] => Array
(
[parent_id] => 0
[label] => File Manager
[order] => 1
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[module] => file
[reset_params] => 1
[id] => fileManagerLink
)
[1] => Array
(
[parent_id] => 0
[label] => Upload
[title] => Upload a file
[order] => 2
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[controller] => upload
[module] => file
[reset_params] => 1
[id] => fileManagerUploadLink
)
[2] => Array
(
[parent_id] => 0
[label] => Files
[title] => Manage your files
[order] => 3
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[controller] => manage
[module] => file
[reset_params] => 1
[id] => FileManagerFilesLink
)
[3] => Array
(
[parent_id] => 0
[label] => Contacts
[order] => 4
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[controller] => contact
[module] => file
[reset_params] => 1
[id] => Contacts
)
[4] => Array
(
[parent_id] => 0
[label] => My Account
[title] => Your Account
[order] => 5
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => index
[controller] => user
[reset_params] => 1
[id] => myAccountNavigationLink
)
[5] => Array
(
[parent_id] => 0
[label] => Admin
[title] => The administration panel
[order] => 6
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[module] => admin
[reset_params] => 1
[id] => Administration
)
[6] => Array
(
[parent_id] => 0
[label] => Test for ACL
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[7] => Array
(
[parent_id] => 0
[label] => Test for ACL
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[8] => Array
(
[parent_id] => 0
[label] => Test for ACL
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[9] => Array
(
[parent_id] => 0
[label] => Test for ACL
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[10] => Array
(
[parent_id] => 0
[label] => ACL Test
[order] => 0
[resource] => 8
[privilage] => index
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[11] => Array
(
[parent_id] => 0
[label] => Joey
[order] => 0
[resource] => adminIndexIndex
[privilage] => index
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[12] => Array
(
[parent_id] => 0
[label] => another test
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[13] => Array
(
[parent_id] => 0
[label] => another test
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[14] => Array
(
[parent_id] => 0
[label] => another test
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[15] => Array
(
[parent_id] => 0
[label] => another stupid test
[order] => 0
[resource] => Admin Homepage
[privilage] => index
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
[16] => Array
(
[parent_id] => 0
[label] => another stupid test
[order] => 0
[resource] => 9
[active] => 1
[visible] => 1
[internal_page] => 1
[action] => add-navigation
[controller] => manage
[module] => admin
[reset_params] => 1
)
)
Mat*_*ter 15
乔伊,
关于此的良好文档很难找到,但它存在.你需要做什么,在你的应用程序的引导程序中有两件事:
在我的bootstraps中,我使用类似于以下的功能来执行此操作.以下是关键方面的示例:
生成ACL:
protected function _buildAclList()
{
$acl = new Zend_Acl();
// setup the roles for the application
$acl->addRole(new Zend_Acl_Role('guest'));
$moduleResource = new Zend_Acl_Resource('administration');
$acl->add($moduleResource)
->add(new Zend_Acl_Resource('admin:copyright'), $moduleResource);
$acl->allow(
array('guest'),
array('admin:copyright'),
array('view')
);
Zend_Registry::set('acl', $acl);
return $acl;
}
在这里,根据您的应用需要设置ACL.资源方法返回它们以供其他地方使用,并且它们也存储在注册表中.
将导航链接到生成的ACL(还指定默认角色):
protected function _buildNavigationList()
{
$this->bootstrap('layout');
$layout = $this->getResource('layout');
$view = $layout->getView();
$config = new Zend_Config_Xml(APPLICATION_PATH . '/configs/navigation.xml', 'nav');
$acl = Zend_Registry::get('acl');
$navigation = new Zend_Navigation($config);
$view->navigation($navigation);
Zend_View_Helper_Navigation_HelperAbstract::setDefaultAcl($acl);
Zend_View_Helper_Navigation_HelperAbstract::setDefaultRole(
Common_Controller_Plugin_Acl::DEFAULT_ROLE
);
return $navigation;
}
资源方法从注册表中获取以前创建的acl,并使用setDefaultAcl方法将它们与默认角色一起分配给应用程序导航对象.
构建尊重ACL的导航
<?xml version="1.0" encoding="UTF-8"?>
<config>
<nav>
<administration>
<label>Administration</label>
<uri></uri>
<resource>reports:report</resource>
<privilege>view</privilege>
<pages>
<page_admin_copyright>
<label>Copyright maintenance</label>
<uri>/admin/copyright</uri>
<resource>admin:copyright</resource>
<privilege>view</privilege>
</page_admin_copyright>
</pages>
</administration>
</nav>
</config>
在这里,我们创建了一个名为管理的部分,要求用户在admin:copyright资源上拥有查看权限,该客户确实感谢预先构建的acl列表.
现在,当你调用$ this-> navigation() - > menu() - > render()等时,菜单选项将基于用户的访问权限.
嗯,我想我应该在我的网站上添加一个帖子.一切都很好.
马特