• phalcon: 目录分组后的acl权限控制


    phalcon: 目录分组后的acl权限控制

    楼主在做acl权限的时候,发现官方的acl只能针对未分组的目录,如下:

    app/
    ___|./controller
    ___|./logic
    ___|./plugins
    ___|./models
    ..............   
    

      

    但是对分组不支持,后来想想,是支持的.分组的目录如下

    app/
    ___|./admin/
    __________|./controllers
    __________|./logic
    __________|./views
    __________|./module.php
    ___|./home/
    __________|./controllers
    __________|./logic
    __________|./views
    __________|./module.php
    .........................................
    

      

    那么可以将,如下代码,直接加入到,分组目录下的 module.php代码中

    $di['aclResource']=function(){
                return include_once '../app/configs/frontAcl.php';
            };
            $di['dispatcher'] = function(){
                $eventManager = new PhalconEventsManager();
                $securyDeep = new SecurityDeep();
                $eventManager->attach("dispatch", $securyDeep);
                $dispatch = new PhalconMvcDispatcher();
                $dispatch->setEventsManager($eventManager);
                return $dispatch;
            };
    

      

    全代码:

    use PhalconLoader,
        PhalconMvcUrl,
        PhalconMvcDispatcher,
        PhalconDiInterface,
        PhalconMvcModuleDefinitionInterface,
        PhalconDIInjectable,
        PhalconMvcRouter;
    
    class Module extends Injectable implements ModuleDefinitionInterface
    {
    
        /**
         * Registers the module auto-loader
         */
        public function registerAutoloaders(DiInterface $dependencyInjector = null)
        {
            $loader = new Loader();
            $loader->registerNamespaces(array(
                'AppHomeControllers' => __DIR__ .'/controllers/'
            ))->register();
            $loader->registerDirs(
                array(
                    'modelsDir'      => '../app/models/',
    				'pluginsDir'      => '../app/plugins/',
                )
            )->register();
    
        }
    
        /**
         * Registers the module-only services
         *
         * @param DiInterface $di
         */
        public function registerServices(DiInterface $di)
        {        
    
            $di['aclResource']=function(){
                return include_once '../app/configs/frontAcl.php';
            };
            $di['dispatcher'] = function(){
                $eventManager = new PhalconEventsManager();
                $securyDeep = new SecurityHome();
                $eventManager->attach("dispatch", $securyDeep);
                $dispatch = new PhalconMvcDispatcher();
                $dispatch->setEventsManager($eventManager);
                return $dispatch;
            };
    
    
    
            /**
             * @return mixed
             */
            $di['baseUrl'] = function () {
                $url = new Url();
                $url->setBaseUri('/');
                return $url;
            };
    
    
    
            /**
             * 设置view
             */
            $di->set('view', function () use($di)  {
                $view = new PhalconMvcView();
                //var_dump($di['modules']['home']['viewsDir']);exit;
                $view->setViewsDir(BASE_PATH . $di['modules']['home']['viewsDir']);
                $view->registerEngines(array(
                    '.phtml' => 'PhalconMvcViewEnginePhp'
    				));
                return $view;
    			
            });
    
    
        }
    
    }
    

      

    acl文件:

    return new PhalconConfig(array(
        'Manager'=>array(
            'rote'=> new PhalconAclRole("Manager"),
            'resource'=>array(
                //登录
                'Index'=> array("index", 'error'),
                //用户中心
                'User'=> array("center", 'password','editcenter','editpwd','login','loginout'),
                //verzhun登录
                'Veryzhun'=>array('login','logining'),
    
                //默认所有权限
                'Capacity'=>array('index','airline','route'),
                'Clearance'=>array('airport','route'),
                'Operate'=>array('factor','compare'),
                'Traffic'=>array('index','history','monitor'),
                'Utilization'=>array('moment','night'),
    
            )
        ),
        'Operator'=>array(
            'rote'=> new PhalconAclRole("Operator"),
            'resource'=>array(
                'Index'=> array("index", 'error'),
                'User'=> array("center", 'password','editcenter','editpwd','login','loginout'),
                'Veryzhun'=>array('login','logining'),
                'Traffic'=>array('index','history','monitor'),
    
                //默认所有权限
                //'Capacity'=>array('index','airline','route'),
                'Clearance'=>array('airport','route'),
                'Operate'=>array('factor','compare'),
                'Traffic'=>array('index','history','monitor'),
                'Utilization'=>array('moment','night'),
            )
        )
    ));
    

      

    权限验证:

    /**
     * 权限控制
     */
    use PhalconMvcUserPlugin,
        PhalconEventsEvent,
        PhalconMvcDispatcher;
    class SecurityHome extends Plugin{
    
        public function __construct() { }
    
        public function _getAcl()
        {
            $acl = new PhalconAclAdapterMemory();
    
            //默认权限禁止
            $acl->setDefaultAction(PhalconAcl::DENY);
            //读取所有权限
            $aclResource = $this->_callAcl();
    
            if(!empty($aclResource))
            {
                foreach ($aclResource as $key=>$value)
                {
    
                    //创建角色到acl
                    $acl->addRole($value['rote']);
                    //所有的操作
                    foreach ((array)$value['resource'] as $k=>$v)
                    {
                        //echo $k.'<br>';
                        foreach((array)$v as $ky=>$vy)
                        {
                            //添加资源
                            $acl->addResource(new PhalconAclResource(strtolower($k)), $vy);
                            //添加访问权限
                            $acl->allow($key, strtolower($k), $vy);
                             //echo '|--'.$k.':'.$vy.'<br>';
                        }
                    }
                }
            }
    
    
            return $acl;
    
        }
    
        public function _callAcl()
        {
            if($this->persistent->acl == null || $this->persistent->acl['Operator']['rote'] == null)
            {
                $this->persistent->acl = $this->aclResource;
            }
            return $this->persistent->acl;
        }
    
        /**
         * 事件触发
         * @param Event $event
         * @param Dispatcher $dispatcher
         */
        public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
        {
    
            $controller = $dispatcher->getControllerName();
            $action = $dispatcher->getActionName();
    
            //权限
            $role = 'Operator';
            $acl = $this->_getAcl();
            $isAllowed = $acl->isAllowed($role, strtolower($controller), strtolower($action));
    
            if(!$isAllowed)
            {
    
                $dispatcher->forward(array(
                    'controller'=>'index',
                    'action'=>'error',
                    'params'=>array('msg'=>'no access')
                ));
                //echo "no access";
                //exit;
            }
        }
    
    }
    

      

     接收获取到的数据:

    /**
         * 提示页面
         */
        public function errorAction()
        {
            //获取传过来的参数
            $param = $this->dispatcher->getParams();
            $msg = isset($param['msg']) ? $param['msg'] : '' ;
    
    
            $this->view->web_title = '错误';
            $this->view->pick('index/error');
        }
    

      

  • 相关阅读:
    小程序云函数 Error: errCode: -404011 cloud function execution error
    Fiddler+雷电模拟器进行APP抓包
    Vue优化常用技巧
    sftp常用命令整理
    React生命周期学习整理
    git 提交跳过检查
    漂亮的代码系列
    关于我系列
    架构系列
    深度学习系列
  • 原文地址:https://www.cnblogs.com/achengmu/p/9044431.html
Copyright © 2020-2023  润新知