mysql - ZF2AuthAcl 模块无法开箱即用

标签 mysql zend-framework2

我选择这个 ZF2AuthAcl 模块是为了让我的生活更轻松。由于某种原因,它不能开箱即用。一旦我在 Zend2 Application.config 中激活它,它就会接管整个站点。这意味着它可以直接登录我拥有的任何页面。有一个“白名单”,我尝试将页面添加到数组中,但它似乎不起作用。我将显示它具有的 Acl 页面和“白名单”,也许我没有正确添加它们,或者有更好的方法。它也是数据驱动的。有人成功使用过这个或者知道它吗?

作者告诉我这可能与白名单有关。

我添加到的区域如下所示:

    public function initAcl()
    {
    $this->roles = $this->_getAllRoles();
    $this->resources = $this->_getAllResources();
    $this->rolePermission = $this->_getRolePermissions();
    // we are not putting these resource & permission in table bcz it is
    // common to all user
    $this->commonPermission = array(
        'ZF2AuthAcl\Controller\Index' => array(
            'logout',
            'index'                
        ),
    );
    $this->_addRoles()
        ->_addResources()
        ->_addRoleResources();
}

这是我添加的全部内容。

namespace ZF2AuthAcl\Utility;

use Zend\Permissions\Acl\Acl as ZendAcl;
use Zend\Permissions\Acl\Role\GenericRole as Role;
use Zend\Permissions\Acl\Resource\GenericResource as Resource;
use Zend\ServiceManager\ServiceLocatorAwareInterface;
use Zend\ServiceManager\ServiceLocatorInterface;

class Acl extends ZendAcl implements ServiceLocatorAwareInterface
{

const DEFAULT_ROLE = 'guest';

protected $_roleTableObject;

protected $serviceLocator;

protected $roles;

protected $permissions;

protected $resources;

protected $rolePermission;

protected $commonPermission;

public function setServiceLocator(ServiceLocatorInterface $serviceLocator)
{
    $this->serviceLocator = $serviceLocator;

    return $this;
}

public function getServiceLocator()
{
    return $this->serviceLocator;
}

public function initAcl()
{
    $this->roles = $this->_getAllRoles();
    $this->resources = $this->_getAllResources();
    $this->rolePermission = $this->_getRolePermissions();
    // we are not putting these resource & permission in table bcz it is
    // common to all user
    $this->commonPermission = array(
        'ZF2AuthAcl\Controller\Index' => array(
            'logout',
            'index'                
        ),
        'Frontend\Controller\Index' => array(
            'index'                
        ),
        'Blog\Controller\Blog' => array(
            'blog',
            'list',
            'view',
            'UsMap',
            'maps'                
        )
    );
    $this->_addRoles()
        ->_addResources()
        ->_addRoleResources();
}

public function isAccessAllowed($role, $resource, $permission)
{
    if (! $this->hasResource($resource)) {
        return false;
    }
    if ($this->isAllowed($role, $resource, $permission)) {
        return true;
    }
    return false;
}

protected function _addRoles()
{
    $this->addRole(new Role(self::DEFAULT_ROLE));

    if (! empty($this->roles)) {
        foreach ($this->roles as $role) {
            $roleName = $role['role_name'];
            if (! $this->hasRole($roleName)) {
                $this->addRole(new Role($roleName), self::DEFAULT_ROLE);
            }
        }
    }
    return $this;
}

protected function _addResources()
{
    if (! empty($this->resources)) {
        foreach ($this->resources as $resource) {
            if (! $this->hasResource($resource['resource_name'])) {
                $this->addResource(new Resource($resource['resource_name']));
            }
        }
    }

    // add common resources
    if (! empty($this->commonPermission)) {
        foreach ($this->commonPermission as $resource => $permissions) {
            if (! $this->hasResource($resource)) {
                $this->addResource(new Resource($resource));
            }
        }
    }

    return $this;
}

protected function _addRoleResources()
{
    // allow common resource/permission to guest user
    if (! empty($this->commonPermission)) {
        foreach ($this->commonPermission as $resource => $permissions) {
            foreach ($permissions as $permission) {
                $this->allow(self::DEFAULT_ROLE, $resource, $permission);
            }
        }
    }

    if (! empty($this->rolePermission)) {
        foreach ($this->rolePermission as $rolePermissions) {
            $this->allow($rolePermissions['role_name'], $rolePermissions['resource_name'], $rolePermissions['permission_name']);
        }
    }

    return $this;
}

protected function _getAllRoles()
{
    $roleTable = $this->getServiceLocator()->get("RoleTable");
    return $roleTable->getUserRoles();
}

protected function _getAllResources()
{
    $resourceTable = $this->getServiceLocator()->get("ResourceTable");
    return $resourceTable->getAllResources();
}

protected function _getRolePermissions()
{
    $rolePermissionTable =   $this->getServiceLocator()->get("RolePermissionTable");
    return $rolePermissionTable->getRolePermissions();
}

private function debugAcl($role, $resource, $permission)
{
    echo 'Role:-' . $role . '==>' . $resource . '\\' . $permission .  '<br/>';
 }
}

2016 年 6 月 10 日其他信息 我还发现该 ACL 页面不在模块的任何页面中。这些功能不会在任何页面的任何地方调用,也不会在任何页面上“使用”。那么它应该如何工作呢?

更新 06/10/2017 - 区域已修复。

我发现 module.php 中使用此功能的地方有一个白名单,页面也必须添加。下面是您添加它们的位置。

$whiteList = array(
        'Frontend\Controller\Index-index',
        *Add whatever modules/controller/action you do not want included*
        'ZF2AuthAcl\Controller\Index-index',
        'ZF2AuthAcl\Controller\Index-logout'
    );

最佳答案

以上是我的问题的结论。我偶然发现了它。我没有查看 module.php 文件。这就是答案。

关于mysql - ZF2AuthAcl 模块无法开箱即用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44458148/

上一篇:PHP SELECT INSERT数据(x)从表A到B,然后防止数据(x)出现在SELECT表A上

下一篇:php - &lt;input type ="time"/> 值未插入 mysql 数据库

相关文章:

mysql - 子查询中的 GROUP BY 以获得准确的排名

php - 使用 ZfcUser 对 Controller 进行简单的 ZF2 单元测试

php - Allow_Remove 不会删除集合

php - 如何在 ZF2 表单元素后添加 "new line"?

session - ZF2 session 验证器

php - ZF2是基于MOVE的吗?

java - MySQL 数据库连接几分钟后断开

php - 我的代码有什么问题?

mysql - MySQL 查询协助 - 省略、分组?

mysql - 2 个表的连接中的 FULLTEXT 索引

©2024 IT工具网  联系我们