Zend ACL 是否适合所有者对内容的权限
我认为 Zend ACL 用于向用户类型(学生、教师)授予权限。它可以用于根据内容授予权限吗?我的意思是这篇博文是由该用户撰写的,他们可以对其进行编辑。其他人无法编辑。 Zend ACL 可以满足此要求吗?
I think Zend ACL is used to give permissions to user types (student, teacher). Can it be used to give permissions on per content basis. What I mean is this blog post was written by this user and they can edit it. Others can't edit it. Can Zend ACL work with this requirement?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
是的,ZF 中的 Zend ACL 可用于确定所有者权限和设置,以允许内容所有者编辑自己的帖子等。我不确定这个地方是否有您想要的具体示例,但您可以查看一些 Zend ACL 教程zftutorials.com
更新
设置 ACL 可以在有很多不同的方式,具体取决于您的组等的设置方式。因此,很难提供明确的方法来执行此操作,但其要点是获得每个所有者可以执行的操作的权限设置。然后,在发生该操作的控制器中,您将看到类似以下内容:
这将告诉作者是否允许编辑他们自己的内容。这些规则需要以某种方式设置,要么通过配置文件,要么通过 xml 文件,zftutorials 可能会对此有所说明。
如果我有时间编写教程,我会在这里更新。但是,是的,与采埃孚一起编写教程是一个相当乏味的过程,因为每个人都有不同的处理项目和偏好的方式,更不用说设置它所需的所有内部工作了。
Yes the Zend ACL in ZF can be used to determine owner rights and setup to allow content owner to edit their own posts etc. I am not sure if this place has specific examples for what you want, but you can checkout some Zend ACL Tutorials from zftutorials.com
UPDATE
Setting up the ACL can be done in many different ways depending on how your groups etc are setup. Because of that it is hard to provide a clear cut way of how to do this, but the gist of it is to get the permissions setup on what each owner can do. Then in your Controller where that Action takes place you would have something like:
This would tell if that author is allowed to edit their own content. Those rules would need to be setup in some way, either via a config file or xml file, which the zftutorials place may shed some light on.
If I get time to work up a tutorial I will update it here. But yea, it is a pretty tedious process to work up a tutorial with ZF given that everyone has different ways of doing items and preferences, not to mention all the inner workings required to set it up.
您可以为 Zend_Acl 创建自定义断言。这些自定义断言可以作为第四个参数传递给常规的allow()方法,例如
断言可以包含您想要的任何代码。它必须返回一个布尔值,任何 ACL 检查都会考虑该值,例如,此用户 ID 是否允许使用该权限访问此资源,并且那个自定义检查?
You can create custom assertions for Zend_Acl. These custom assertions can be passed to the regular
allow()method as the fourth param, e.g.The assertion can contain any code you want. It has to return a Boolean which will be considered for any ACL checks then, e.g. is this userid allowed access to this resource with that privilege and that custom check?