CakePHP:解释 ACL
上周我一直在查看 CakePHP 的 ACL 教程,它看起来非常复杂。例如,假设我有一个网站,它是一个简单的博客,并且具有以下用户类型:管理员、会员和访客。为什么我没有用户表和组表(组表有一组简单的 CRUD 列,每个组类型有 0 或 1 值) 然后使用简单的 ID 将用户链接到组。然后在控制器中检查用户是否已登录或者他们是否属于允许访问的组。
我很困惑为什么 ACL 需要所有额外的代码和表,更重要的是为什么创建新控制器时需要重建 ACL 表?
如果有人能解释其中一些问题,我们将不胜感激。谢谢。
I have been looking at CakePHP's ACL tutorials over the last week and it all seems massively complicated. For instance say I had a website that was a simple blog and had the following user types: Admin, Member and Guest. Why could I not have a users table and a groups table (the groups table having a simple CRUD set of columns with 0 or 1 values for each group type)
and then link the users to the groups with a simple ID. And then in the controller just check if the user is logged in or if they are in which group to allow access.
I'm confused about why ACL requires all that additional code and tables, more so why does the ACL table need rebuilding when ever a new controller is created?
If someone could explain some of these questions, it'd be much appreciated. Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
CakePHP ACL 的 2 部分教程
http://mark-story.com/posts/view/auth-and-acl-an-end-to-end-tutorial-pt-1
http://mark-story.com/posts/view/auth- and-acl-an-end-to-end-tutorial-pt-2
它有更好的解释。
2-part tutorial on CakePHP ACL
http://mark-story.com/posts/view/auth-and-acl-an-end-to-end-tutorial-pt-1
http://mark-story.com/posts/view/auth-and-acl-an-end-to-end-tutorial-pt-2
It has a much better explanation.
听起来您可能想查看一个名为 Permissionable 的插件,因为它具有组的概念。掌握其背后的概念需要一定的学习曲线,但如果您熟悉 UNIX 权限,这将会有所帮助。
这里对此有一个很好的解释。
It sounds like what you may want to check out a plugin called Permissionable since it has the concepts of groups. It has a bit of a learning curve to grasp the concepts behind it but if you're familiar with UNIX permissions, that will help.
Here is a good explanation on it.