当前位置：文江博客话题详情

ZF Zend 表单验证器检查是否允许用户更改字段？

发布于 2024-11-19 12:22:32 字数 118 浏览 1 评论 0原文

是否可以为 zend 表单编写一个验证器，检查用户是否有权更改表单字段？意味着用户看到该字段，但如果在未经许可的情况下尝试（没有 acl 权限），他会收到错误消息？随后，这意味着如果不允许用户更改该字段，则该字段将被停用。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

窝囊感情。 2024-11-26 12:22:32

您将需要使用 Zend_Acl 来检查权限。你会想要这样的东西：

/** Application_Validate_HasEditRights::isValid()**/
public function isValid($value, $context = array())
{
    // Set in form or element using $this->setResource()
    $resource  = $this->_resource;
    // Set in form or element using $this->setPrivilege()
    $privilege = $this->_privilege;

    if ( empty($resource) || empty($privilege) ) {
        throw new Zend_Exception("Validator requires a resource and privilege");
    }

    // Set in form or element $this->setOriginalValue()
    $original  = $this->_originalValue;
    $isEdit = false;
    // Check if original matches new value
    if ($original != $value) {
        $isEdit = true;
    }
    /** Get ACL **/
    $acl  = new Zend_Acl();
    $acl->addRole('guest');
    $acl->addRole('administrator', 'guest');

    $acl->addResource('form');
    // $acl->allow('role', 'resource', array('privilege'));
    $acl->allow('guest','form', array('limited')); // arbitrary resource and privilege names
    $acl->allow('administrator','form', array('full-access'));

    // Get the role of the logged in user; this may be different from how you store it
    $role = Zend_Auth::getInstance()->getIdentity()->role;

    // Check if the role has access to this form
    if ( $isEdit && !$acl->isAllowed($role, $resource, $privilege) ) {
        // Set Error message
        $this->_error(self::INVALID_PRIVILEGES);
        return false;
    }

    return true;
}

Your going to want to use Zend_Acl to check permissions. You will want something like this:

/** Application_Validate_HasEditRights::isValid()**/
public function isValid($value, $context = array())
{
    // Set in form or element using $this->setResource()
    $resource  = $this->_resource;
    // Set in form or element using $this->setPrivilege()
    $privilege = $this->_privilege;

    if ( empty($resource) || empty($privilege) ) {
        throw new Zend_Exception("Validator requires a resource and privilege");
    }

    // Set in form or element $this->setOriginalValue()
    $original  = $this->_originalValue;
    $isEdit = false;
    // Check if original matches new value
    if ($original != $value) {
        $isEdit = true;
    }
    /** Get ACL **/
    $acl  = new Zend_Acl();
    $acl->addRole('guest');
    $acl->addRole('administrator', 'guest');

    $acl->addResource('form');
    // $acl->allow('role', 'resource', array('privilege'));
    $acl->allow('guest','form', array('limited')); // arbitrary resource and privilege names
    $acl->allow('administrator','form', array('full-access'));

    // Get the role of the logged in user; this may be different from how you store it
    $role = Zend_Auth::getInstance()->getIdentity()->role;

    // Check if the role has access to this form
    if ( $isEdit && !$acl->isAllowed($role, $resource, $privilege) ) {
        // Set Error message
        $this->_error(self::INVALID_PRIVILEGES);
        return false;
    }

    return true;
}

回复收藏 0 原文

~没有更多了~