为 Zend 导航页面授予多个 ACL 权限
我正在使用 Zend_Navigation 并尝试将其与 Zend_Acl 集成。导航中的每个页面都有一个privilege 属性。我无法确定的是如何为单个页面定义多个权限。
用例:用于管理用户的页面。如果当前登录用户的角色具有 add、edit 或 delete 权限,我想在导航中显示该页面>用户资源。
导航 XML 中的示例条目:
<admin_users>
<label>Users</label>
<route>default</route>
<controller>admin</controller>
<action>users</action>
<resource>Users</resource>
<privilege>add,edit,delete</privilege>
</admin_users>
使用上面的逗号分隔列表并不能提供所需的行为。
更新
深入研究代码后,我发现 Zend_Navigation_Page 只允许单个字符串值。有没有人扩展了这个类或找到了解决此限制的另一种方法?
/**
* Sets ACL privilege associated with this page
*
* @param string|null $privilege [optional] ACL privilege to associate
* with this page. Default is null, which
* sets no privilege.
* @return Zend_Navigation_Page fluent interface, returns self
*/
public function setPrivilege($privilege = null)
{
$this->_privilege = is_string($privilege) ? $privilege : null;
return $this;
}
I'm using Zend_Navigation and am trying to integrate it with Zend_Acl. Each page in the navigation has a privilege attribute. What I can't determine is how to define multiple privileges for a single page.
Use case: A page that is for managing users. I want to display that page (in navigation) if the current signed in user's role has add, edit, or delete privileges on the Users resource.
Example entry in the navigation XML:
<admin_users>
<label>Users</label>
<route>default</route>
<controller>admin</controller>
<action>users</action>
<resource>Users</resource>
<privilege>add,edit,delete</privilege>
</admin_users>
Using a comma-separated list as above doesn't lend the desired behavior.
UPDATE
After digging through the code, I found that Zend_Navigation_Page only allows a single string value. Has anyone extended this class or found another way around this limitation?
/**
* Sets ACL privilege associated with this page
*
* @param string|null $privilege [optional] ACL privilege to associate
* with this page. Default is null, which
* sets no privilege.
* @return Zend_Navigation_Page fluent interface, returns self
*/
public function setPrivilege($privilege = null)
{
$this->_privilege = is_string($privilege) ? $privilege : null;
return $this;
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我意识到我的问题是我缺乏“查看”类型的权限。当我加载资源权限时,如果用户对该资源具有任何权限,我现在会授予该资源的“管理员”权限。然后我在页面上使用“管理员”权限。
I realized that my problem was my lack of a 'view' type permission. When I'm loading the resource privileges, I now grant an 'admin' privilege on the resource if the user has any privileges for that resource. I then use the 'admin' privilege on the page.
可能需要某种嵌套才能将权限作为数组传递:
编辑:
常识告诉我们一个链接应该指向一个操作。您可以将
Probably some kind of nesting is required to pass the privileges as an array:
Edit:
Common sense tells that one link should point to one action. You may add
<params>nodes to the menu.您尝试过以下方法吗?我不确定它是否会起作用,但我有一种感觉。
Have you tried the following? I'm not sure if it would work, but I have a feeling it would.