phalcon: 目錄分組後的acl權限控制

phalcon: 目錄分組後的acl權限控制

樓主在作acl權限的時候，發現官方的acl只能針對未分組的目錄，以下：

app/
___|./controller
___|./logic
___|./plugins
___|./models
..............   

　　

可是對分組不支持，後來想一想，是支持的.分組的目錄以下

app/
___|./admin/
__________|./controllers
__________|./logic
__________|./views
__________|./module.php
___|./home/
__________|./controllers
__________|./logic
__________|./views
__________|./module.php
.........................................

　　

那麼能夠將，以下代碼，直接加入到，分組目錄下的 module.php代碼中

$di['aclResource']=function(){
            return include_once '../app/configs/frontAcl.php';
        };
        $di['dispatcher'] = function(){
            $eventManager = new \Phalcon\Events\Manager();
            $securyDeep = new \SecurityDeep();
            $eventManager->attach("dispatch", $securyDeep);
            $dispatch = new \Phalcon\Mvc\Dispatcher();
            $dispatch->setEventsManager($eventManager);
            return $dispatch;
        };

　　

全代碼：

use Phalcon\Loader,
    Phalcon\Mvc\Url,
    Phalcon\Mvc\Dispatcher,
    Phalcon\DiInterface,
    Phalcon\Mvc\ModuleDefinitionInterface,
    Phalcon\DI\Injectable,
    Phalcon\Mvc\Router;

class Module extends Injectable implements ModuleDefinitionInterface
{

    /**
     * Registers the module auto-loader
     */
    public function registerAutoloaders(DiInterface $dependencyInjector = null)
    {
        $loader = new Loader();
        $loader->registerNamespaces(array(
            'App\Home\Controllers' => __DIR__ .'/controllers/'
        ))->register();
        $loader->registerDirs(
            array(
                'modelsDir'      => '../app/models/',
				'pluginsDir'      => '../app/plugins/',
            )
        )->register();

    }

    /**
     * Registers the module-only services
     *
     * @param DiInterface $di
     */
    public function registerServices(DiInterface $di)
    {        

        $di['aclResource']=function(){
            return include_once '../app/configs/frontAcl.php';
        };
        $di['dispatcher'] = function(){
            $eventManager = new \Phalcon\Events\Manager();
            $securyDeep = new \SecurityHome();
            $eventManager->attach("dispatch", $securyDeep);
            $dispatch = new \Phalcon\Mvc\Dispatcher();
            $dispatch->setEventsManager($eventManager);
            return $dispatch;
        };



        /**
         * @return mixed
         */
        $di['baseUrl'] = function () {
            $url = new Url();
            $url->setBaseUri('/');
            return $url;
        };



        /**
         * 設置view
         */
        $di->set('view', function () use($di)  {
            $view = new \Phalcon\Mvc\View();
            //var_dump($di['modules']['home']['viewsDir']);exit;
            $view->setViewsDir(BASE_PATH . $di['modules']['home']['viewsDir']);
            $view->registerEngines(array(
                '.phtml' => 'Phalcon\Mvc\View\Engine\Php'
				));
            return $view;
			
        });


    }

}

　　

acl文件：

return new \Phalcon\Config(array(
    'Manager'=>array(
        'rote'=> new \Phalcon\Acl\Role("Manager"),
        'resource'=>array(
            //登陸
            'Index'=> array("index", 'error'),
            //用戶中心
            'User'=> array("center", 'password','editcenter','editpwd','login','loginout'),
            //verzhun登陸
            'Veryzhun'=>array('login','logining'),

            //默認全部權限
            'Capacity'=>array('index','airline','route'),
            'Clearance'=>array('airport','route'),
            'Operate'=>array('factor','compare'),
            'Traffic'=>array('index','history','monitor'),
            'Utilization'=>array('moment','night'),

        )
    ),
    'Operator'=>array(
        'rote'=> new \Phalcon\Acl\Role("Operator"),
        'resource'=>array(
            'Index'=> array("index", 'error'),
            'User'=> array("center", 'password','editcenter','editpwd','login','loginout'),
            'Veryzhun'=>array('login','logining'),
            'Traffic'=>array('index','history','monitor'),

            //默認全部權限
            //'Capacity'=>array('index','airline','route'),
            'Clearance'=>array('airport','route'),
            'Operate'=>array('factor','compare'),
            'Traffic'=>array('index','history','monitor'),
            'Utilization'=>array('moment','night'),
        )
    )
));

　　

權限驗證：

/**
 * 權限控制
 */
use \Phalcon\Mvc\User\Plugin,
    \Phalcon\Events\Event,
    \Phalcon\Mvc\Dispatcher;
class SecurityHome extends Plugin{

    public function __construct() { }

    public function _getAcl()
    {
        $acl = new \Phalcon\Acl\Adapter\Memory();

        //默認權限禁止
        $acl->setDefaultAction(\Phalcon\Acl::DENY);
        //讀取全部權限
        $aclResource = $this->_callAcl();

        if(!empty($aclResource))
        {
            foreach ($aclResource as $key=>$value)
            {

                //建立角色到acl
                $acl->addRole($value['rote']);
                //全部的操做
                foreach ((array)$value['resource'] as $k=>$v)
                {
                    //echo $k.'<br>';
                    foreach((array)$v as $ky=>$vy)
                    {
                        //添加資源
                        $acl->addResource(new \Phalcon\Acl\Resource(strtolower($k)), $vy);
                        //添加訪問權限
                        $acl->allow($key, strtolower($k), $vy);
                         //echo '|--'.$k.':'.$vy.'<br>';
                    }
                }
            }
        }


        return $acl;

    }

    public function _callAcl()
    {
        if($this->persistent->acl == null || $this->persistent->acl['Operator']['rote'] == null)
        {
            $this->persistent->acl = $this->aclResource;
        }
        return $this->persistent->acl;
    }

    /**
     * 事件觸發
     * @param Event $event
     * @param Dispatcher $dispatcher
     */
    public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
    {

        $controller = $dispatcher->getControllerName();
        $action = $dispatcher->getActionName();

        //權限
        $role = 'Operator';
        $acl = $this->_getAcl();
        $isAllowed = $acl->isAllowed($role, strtolower($controller), strtolower($action));

        if(!$isAllowed)
        {

            $dispatcher->forward(array(
                'controller'=>'index',
                'action'=>'error',
                'params'=>array('msg'=>'no access')
            ));
            //echo "no access";
            //exit;
        }
    }

}

　　

 

 接收穫取到的數據：

/**
     * 提示頁面
     */
    public function errorAction()
    {
        //獲取傳過來的參數
        $param = $this->dispatcher->getParams();
        $msg = isset($param['msg']) ? $param['msg'] : '' ;


        $this->view->web_title = '錯誤';
        $this->view->pick('index/error');
    }