需要设置 Zend_Acl 的建议
假设我有类/模型
- 项目(有许多列表)
- 列表
我只想允许作为项目协作者的用户能够添加列表。我该怎么做呢。我知道我应该使用 Zend_Acl_Assert 但我应该传递什么作为资源。对于编辑/删除,我将传递列表本身。对于 add 来说,它似乎更像是一个项目。如果我将 ListsController#addAction() 移至 ProjectsController#addListAction(),哪一个似乎更正确?这是 1 种可能性
但是如果我想做类似 ListsController#addAction() 的事情,我该如何设置我的 acl?
$acl->allow('user', 'list', 'add', new assertClass());
将传递“列表”作为资源。我可以以某种方式传递项目对象吗?这似乎没有意义
Suppose I have the classes/models
- Projects (has many lists)
- Lists
I want to allow only users that are collaborators of a project to be able to add lists. How do I do that. I know I should use Zend_Acl_Assert but what do I pass as the resource. For edit/delete I will pass the list itself. For add it seems more like it should be a project. Which seems more correct if I move the ListsController#addAction() to ProjectsController#addListAction()? This is 1 possibility
But if I want to do something like ListsController#addAction() how can I setup my acl?
$acl->allow('user', 'list', 'add', new assertClass());
Will pass 'list' as the resource. Can I somehow pass a project object instead? It does not seem to make sense tho
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
只要该对象实现了
Zend_Acl_Resource_Interface并已在 ACL 中注册,您就可以使用任何您想要的东西。As long as the object implements
Zend_Acl_Resource_Interfaceand has been registered in the ACL, you can use anything you want.为什么要传递列表进行编辑和删除,似乎没有必要?在不通过列表的情况下执行此操作会很好。
如果您需要额外的检查,我所做的就是在我的模型 preSave 上添加一个 EnsurePermission 检查,它会检查 ACL 等,以确定一切正常。
Why are you passing the list for edit and delete, seems unnecessary? Doing it without the passing the list will work fine.
If you require extra checks, what I've done is add a ensurePermission check on my model preSave, which checks the ACL among other things to determine that it's all good.