phalcon: acl权限控制

目录控制:

public/index.php:

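// ACL definition service: returns the role/resource map declared in
// app/config/frontbackAcl.php.
$di['aclResource'] = function () {
    // `require`, not `include_once`: a repeated `include_once` of an already
    // loaded file returns `true` instead of the file's return value, and a
    // missing file only raises a warning. The authorization policy must either
    // load completely or stop the request.
    // The path is anchored on __DIR__ so it cannot resolve against the current
    // working directory or the include_path and pick up a different file.
    return require __DIR__ . '/../app/config/frontbackAcl.php';
};

// Dispatcher service with the ACL plugin attached to the "dispatch" event group.
$di['dispatcher'] = function () {
    $eventsManager = new \Phalcon\Events\Manager();
    // SecurityDeep::beforeExecuteRoute() is the handler this page defines for
    // that event group; it performs the permission check.
    $eventsManager->attach('dispatch', new SecurityDeep());

    $dispatcher = new \Phalcon\Mvc\Dispatcher();
    $dispatcher->setEventsManager($eventsManager);

    return $dispatcher;
};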

  

app/config/frontbackAcl.php:

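// Role => allowed controller/action map, consumed by the SecurityDeep plugin.
// Anything not listed here is refused, because the plugin sets the ACL default
// action to DENY.
//
// The key is spelled 'rote' (not 'role') because SecurityDeep reads
// $value['rote']; both sides must change together if it is ever renamed.
//
// Index/error is listed for every role: it is the target SecurityDeep forwards
// to when access is refused. If the error action is itself denied, each refusal
// triggers another forward to the same denied route and the denial page can
// never be rendered.
return new \Phalcon\Config(array(

    'Manager' => array(
        'rote' => new \Phalcon\Acl\Role("Manager"),
        'resource' => array(
            'Index' => array("index", 'last', 'login', 'signup', 'error'),
            'Register' => array('index', 'doing'),
            'Delete' => array('index', 'delete'),
        ),
    ),
    // NOTE(review): SecurityDeep also assigns 'Operator' to requests that carry
    // no session role, so every entry below is reachable without logging in.
    'Operator' => array(
        'rote' => new \Phalcon\Acl\Role("Operator"),
        'resource' => array(
            'Index' => array("index", 'last', 'login', 'signup', 'error'),
            'Register' => array('index', 'doing'),
        ),
    ),

));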

  

securityDeep.php:

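use Phalcon\Mvc\User\Plugin,
    Phalcon\Events\Event,
    Phalcon\Mvc\Dispatcher;

/**
 * Dispatcher listener that enforces the role/resource ACL before every action.
 *
 * The policy is read from the `aclResource` DI service. The caller's role is
 * read from the `userInfo` session entry.
 */
class SecurityDeep extends Plugin {

    // Route that renders the "no access" page. It is the forward target on
    // denial, so it is never itself subject to the ACL check (see
    // beforeExecuteRoute()).
    const DENIED_CONTROLLER = 'index';
    const DENIED_ACTION = 'error';

    public function __construct() { }

    /**
     * Build an in-memory ACL from the configured role/resource map.
     *
     * Controller and action names are lower-cased when they are registered,
     * which matches the lower-casing applied in beforeExecuteRoute(). A
     * mixed-case entry in the config therefore cannot silently fail to match.
     *
     * @return \Phalcon\Acl\Adapter\Memory
     */
    public function _getAcl()
    {
        $acl = new \Phalcon\Acl\Adapter\Memory();
        // Deny by default: only what is explicitly allowed below is reachable.
        $acl->setDefaultAction(\Phalcon\Acl::DENY);

        foreach ($this->_callAcl() as $roleName => $definition) {
            // The config stores the Role object under the key 'rote'.
            $acl->addRole($definition['rote']);

            foreach ($definition['resource'] as $controller => $actions) {
                $resourceName = strtolower($controller);

                foreach ($actions as $action) {
                    $actionName = strtolower($action);
                    // Register the controller/action pair, then grant it to the role.
                    $acl->addResource(new \Phalcon\Acl\Resource($resourceName), $actionName);
                    $acl->allow($roleName, $resourceName, $actionName);
                }
            }
        }

        return $acl;
    }

    /**
     * Return the role/resource definition.
     *
     * The definition is read from the `aclResource` service on every call and
     * is no longer copied into the per-session persistent bag. A copy kept in
     * the session keeps granting permissions that were later removed from the
     * config until that session ends, and it places policy data in session
     * storage.
     *
     * @return mixed whatever the `aclResource` service returns
     */
    public function _callAcl()
    {
        return $this->aclResource;
    }

    /**
     * Check the current controller/action against the ACL before it runs.
     *
     * @param Event      $event
     * @param Dispatcher $dispatcher
     * @return false|null false when the request was refused and forwarded
     */
    public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
    {
        $controller = strtolower($dispatcher->getControllerName());
        $action = strtolower($dispatcher->getActionName());

        // The denial page must always be reachable. Without this guard a
        // refused request is forwarded to index/error, refused again because
        // that action is not in the ACL, and forwarded again without end.
        if ($controller === self::DENIED_CONTROLLER && $action === self::DENIED_ACTION) {
            return;
        }

        $role = '';
        if ($this->session->has('userInfo')) {
            $userInfo = $this->session->get('userInfo');
            // Accept the role only if the session entry has the expected shape.
            if (is_array($userInfo) && isset($userInfo['role']) && is_string($userInfo['role'])) {
                $role = $userInfo['role'];
            }
        }
        // NOTE(review): requests without a session role are treated as
        // 'Operator', so anonymous visitors get every Operator permission.
        // A dedicated guest role with a narrower allow-list would separate
        // unauthenticated from authenticated access.
        if (empty($role)) {
            $role = 'Operator';
        }

        if ($this->_getAcl()->isAllowed($role, $controller, $action)) {
            return;
        }

        $dispatcher->forward(array(
            'controller' => self::DENIED_CONTROLLER,
            'action' => self::DENIED_ACTION,
            'params' => array('msg' => 'no access')
        ));

        // Returning false makes the refusal explicit to the dispatcher, so it
        // does not depend on the forward alone to stop the action.
        return false;
    }
}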

  

那么,在indexController.php页面中,可以通过如下方法,获取params传过来的值:

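/**
 * Render the "no access" page that the ACL plugin forwards to.
 *
 * The message arrives in the dispatcher parameters, from the 'params' array
 * passed to forward().
 */
public function errorAction()
    {
        // Read the parameters handed over by the forward
        $params = $this->dispatcher->getParams();
        $msg = isset($params['msg']) ? $params['msg'] : '';

        // Previously $msg was read and then discarded; expose it to the view so
        // the template can show why the request was refused. The template must
        // HTML-escape it on output, since dispatcher parameters can also
        // originate from the request URL.
        $this->view->msg = $msg;

        $this->view->web_title = '错误';
        $this->view->pick('index/error');
    }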

  

原文地址:https://www.cnblogs.com/achengmu/p/5985779.html