创建用户角色
我正在 symfony1.4 中做新项目。现在这个项目需要用户登录和浏览,并且任何此类项目都需要一种基于角色限制用户的方法。 我不想以明显的方式实现这一点,即为每个用户提供角色属性并具有预定义的角色并将这些角色分配给用户。这样做的问题是它不太灵活,因为稍后会定义更多角色。
我正在考虑在这里使用 EAV 模型(不确定我是否可以在 symfony 中做到这一点)。你们认为,您是否有更好的建议来使用户角色在添加或删除时更加灵活。
另外,根据用户角色显示页面的最佳方式是什么,因为我希望根据角色隐藏一些元素。我应该比较每个页面中的角色并隐藏每个页面上的元素吗?有更好的解决方案吗?
请阐明这些。
谢谢
I am doing new project in symfony1.4. Now this project requires users to log-in and browse, and as any project of this type requires a way of restricting users based on roles.
I don't want to implement this in obvious way, i.e to have roles attribute for each user and have pre-defined roles and assign these to users. The problem with this is it's not very flexible as more roles get defined later.
I was thinking on the lines of using an EAV model here, (not sure I can do that in symfony). What you guys think, do you have any better suggestions to make user roles much more flexible when they get added or deleted.
Also, what is the best way to display the page based on user roles, as I want some elements to be hidden according to the roles. Should I compare the role in each page and hide elements on every page? Is there a better solution?
Please shed some light on these.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
sfDoctrineGuard 插件 (http://www.symfony-project.org/plugins/sfDoctrineGuardPlugin) 是一种处理用户身份验证、组和凭据的非常全面的方法。用户可以单独或作为一个组设置权限,并且可以根据这些权限限制对特定页面部分或整个操作的访问。您可以在控制器代码本身中设置新的用户凭据,例如
并验证用户在视图中是否具有特定权限:
此页面有许多有关自述文件未涵盖的插件的额外信息 - http://trac.symfony-project.org/wiki/sfGuardPluginExtraDocumentation(尽管它指的是 Propel 而不是 Doctrine)。另外,以下一系列简短教程也非常有用:
http: //www.finalconcept.com.au/article/view/symfony-user-management-sfdoctrineguard-installation
http://www.finalconcept.com.au/article/view/symfony-user-management-sfdoctrineguard-administration
http://www.finalconcept.com.au/article/view/symfony- user-management-sfdoctrineguard-securing-actions
以及有关用户的 Symfony 教程页面:
http://www.symfony-project.org/jobeet/1_4/Doctrine/en/13
The sfDoctrineGuard plugin (http://www.symfony-project.org/plugins/sfDoctrineGuardPlugin) is a pretty comprehensive way of handling user authentication, groups and credentials. Users can be set permissions either individually or as a group, and access to specific page sections or entire actions can be restricted based on those permissions. You can set new user credentials in the controller code itself, e.g.
And verify that a user has particular permissions in views:
This page has lots of extra info on the plugin not covered by the readme file - http://trac.symfony-project.org/wiki/sfGuardPluginExtraDocumentation (although it refers to Propel rather than Doctrine). Also the following series of short tutorials is pretty useful:
http://www.finalconcept.com.au/article/view/symfony-user-management-sfdoctrineguard-installation
http://www.finalconcept.com.au/article/view/symfony-user-management-sfdoctrineguard-administration
http://www.finalconcept.com.au/article/view/symfony-user-management-sfdoctrineguard-securing-actions
And the Symfony tutorial page on users:
http://www.symfony-project.org/jobeet/1_4/Doctrine/en/13