Zend:管理员登录策略

时间:2010-02-03 03:34:02

标签: zend-framework

当用户是访客时,他访问/admin/我希望它重定向到/admin/login,当用户在默认模块中并访问他无权访问的资源时to,我希望它重定向到/error

假设/admin是一个模块,我怎么能做到这一点?这是我到目前为止所做的:

<?php
class KG_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{

    public function __construct( 
    Zend_Acl $acl,
    Zend_Auth $auth
    ) {
    $this->_acl = $acl;
    $this->_auth = $auth;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {

    $auth = $this->_auth;

    if($auth->hasIdentity()) {
        $identity = $auth->getIdentity();
        $role = strtolower($identity->role);
    }else{
        $role = 'guest';
    }

    $controller = $request->controller;
    $action = $request->action;
    $module = $request->module;

    if ( $module == 'admin' ) {

        if (!$this->_acl->isAllowed($role, $controller, $action)) {
        if ($role == 'guest') {
            $request->setControllerName('index');
            $request->setActionName('index');
        } else {
            $request->setControllerName('login');
            $request->setActionName('index');
        }
        }       

    } else {
        if (!$this->_acl->isAllowed($role, $controller, $action)) {
        if ($role == 'guest') {
            $request->setControllerName('user');
            $request->setActionName('login');
        } else {
            $request->setControllerName('error');
            $request->setActionName('noauth');
        }
        }       
    }

    }    
}

用于定义角色:

<?php

class Model_Acl extends Zend_Acl {

    public function __construct() {

    $this->addRole(new Zend_Acl_Role('guest'));
    $this->addRole(new Zend_Acl_Role('user'), 'guest');
    $this->addRole(new Zend_Acl_Role('administrator'), 'user');

    $this->add(new Zend_Acl_Resource('index'));
    $this->add(new Zend_Acl_Resource('error'));
    $this->add(new Zend_Acl_Resource('admin'));
    $this->add(new Zend_Acl_Resource('page'));
    $this->add(new Zend_Acl_Resource('news'));
    $this->add(new Zend_Acl_Resource('mvc:user_signin'));
    $this->add(new Zend_Acl_Resource('mvc:user_signout'));
    $this->add(new Zend_Acl_Resource('menu'));
    $this->add(new Zend_Acl_Resource('menuitem'));
    $this->add(new Zend_Acl_Resource('user'));
    $this->add(new Zend_Acl_Resource('search'));
    $this->add(new Zend_Acl_Resource('feed'));
    $this->add(new Zend_Acl_Resource('bug'));

    $this->allow(null, array('index', 'error'));

    $this->allow('guest', 'page', array('index', 'open'));
    $this->allow('guest', 'menu', array('render'));
    $this->allow('guest', 'user', array('login'));
    $this->allow('guest', 'search', array('index', 'search'));
    $this->allow('guest', 'feed');
    $this->allow('guest', 'news');

    $this->allow('guest', new Zend_Acl_Resource('mvc:user_signin'), 'navigate');
    $this->deny('guest', new Zend_Acl_Resource('mvc:user_signout'), 'navigate');
    $this->allow('user', new Zend_Acl_Resource('mvc:user_signout'), 'navigate');

    $this->allow('user', 'page', array('list', 'create', 'edit', 'delete'));

    $this->allow('administrator', null);

    }

}

我尝试->deny('guest', 'admin')让它重定向到管理员登录控制器。非常感谢有关解决方案的建议。

1 个答案:

答案 0 :(得分:0)

我最终自定义了定义新资源的代码,而不是仅仅使用控制器,我使资源遵循“module.controller”格式,然后我扩展了它,到目前为止一直很好。

相关问题
最新问题