开发者

is it possible to set permission in zend acl to action level insted of controller level

i am using zend framework , in my site i have two types of users , guest and loggeduser , i have a controller called . books , in there i have 3 actions . add , edit and delete ,

in my zend acl i give the permissions to books controller only to logged user , in my navigation , books link is not shown to the guest , instead of that i want to show all 3 sublinks to logged user and , only add sub link to guest

like this

to loged user

  • books

    • add

    • edit

    • delete

and to guest

  • books

    • add

the problem is when i set permissions in acl , the books link is completely not showing to the guest ,

this part of my acl

    $this->addResource(new Zend_Acl_Resource('books'));
    $t开发者_开发问答his->addResource(new Zend_Acl_Resource('login'));
    $this->addResource(new Zend_Acl_Resource('logout'));        

    $this->addRole(new Zend_Acl_Role('guest'));
    $this->addRole(new Zend_Acl_Role('user'), 'guest');

    $this->allow('guest', 'login');
$this->allow('user','logout');
    $this->allow('user','books');

$this->deny('guest', 'logout');
$this->deny('user', 'login');   

is there any way to set permission to action level or i need a plugin . i tried so hard to find a solution for hours , but couldn't . please help ............... thanks :(

UPDATE .

don't get confuced by the name , this is not the default zend Acl.php . this is a custom one stays in my models folder

part of my navigation.xml

<configdata>
    <nav>
        <books>
           <label>Books</label>
           <controller>books</controller>
           <action>index</action>
           <resource>books</resource>
           <pages>
                    <add>
                        <label>Add</label>
                        <controller>books</controller>
                        <action>add</action>
                    </add>
                    <edit>
                        <label>Edit</label>
                        <controller>books</controller>
                        <action>edit</action>
                    </edit>
                    <delete>
                        <label>Delete</label>
                        <controller>books</controller>
                        <action>delete</action>
                    </delete>
          </pages>
       </books>
   </nav>
</configdata>


As noted already, you will have to add privileges to the resource. $this->allow('role','resource',array('privilege')); Many people use the controller as the resource and action as the privilege.

I am assuming you are using Zend_Navigation in combination with Zend_Acl to show the proper navigation to signed on users. The simple reason why books and it's pages are not showing is because you did not give guest permission to see the parent books. You will have to allow guest access to the same resource and privilege defined for books. So, you will have to do something like the following:

$this->allow('guest', 'books', array('index', 'add')

Then, you can give user access:

$this->allow('user', 'books', array('edit','delete')); // index & add are inherited 

Now, in your Zend_Navigation_Page you will have to set the resource as books and the privilege to index.


$this->deny($this->editor,'artist',array('delete'));

where artist is the resource (controller) and delete is the action.

see http://zendguru.wordpress.com/2008/11/05/zend-framework-acl-with-example/ for an example.

and/or http://framework.zend.com/manual/en/zend.acl.refining.html#zend.acl.refining.precise

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜