[ZendFramework] Zend_Acl, Jak odczytać uprawnienia w widoku? Opcje

[nexis]

W jaki sposób mogę w widoku (np. views/scripts/index/index.phtml) uzyskać informację czy zalogowany użytkownik ma dostęp do jakiegoś działu? Chciałbym to uzyskać za pomocą funkcji typu isAllowed('controller', 'action') abym mógł ukryć linki w menu, do których użytkownik tak czy inaczej nie ma dostępu. Zend_Acl skonfigurowałem w następujący sposób:

bootstrap.php

[PHP] pobierz, plaintext 
<?php
defined('APPLICATION_PATH')
   or define('APPLICATION_PATH', dirname(__FILE__));
 
defined('APPLICATION_ENVIRONMENT')
    or define('APPLICATION_ENVIRONMENT', 'development');
 
$frontController = Zend_Controller_Front::getInstance();
$frontController->setControllerDirectory(APPLICATION_PATH . '/controllers');
$frontController->setParam('env', APPLICATION_ENVIRONMENT);
 
Zend_Layout::startMvc(APPLICATION_PATH . '/layouts/scripts');
$view = Zend_Layout::getMvcInstance()->getView();
$view->doctype('XHTML1_STRICT');
 
$configuration = new Zend_Config_Ini(APPLICATION_PATH . '/config/app.ini', APPLICATION_ENVIRONMENT);
 
$dbAdapter = Zend_Db::factory($configuration->database);
$dbAdapter->query('SET NAMES utf8');
Zend_Db_Table_Abstract::setDefaultAdapter($dbAdapter);
 
$registry = Zend_Registry::getInstance();
$registry->configuration = $configuration;
$registry->dbAdapter     = $dbAdapter;
 
require_once APPLICATION_PATH . '/models/Acl.php';
require_once APPLICATION_PATH . '/models/Auth.php';
$auth = Zend_Auth::getInstance();
$acl  = new Acl($auth);
$frontController->registerPlugin(new Auth($auth, $acl))
                ->setParam('auth', $auth);
 
 
unset($frontController, $view, $configuration, $dbAdapter, $registry);
?>
[PHP] pobierz, plaintext 

models/Auth.php

[PHP] pobierz, plaintext 
<?php
class Auth extends Zend_Controller_Plugin_Abstract
{
   public $_auth;
   public $_acl;
   
   private $_noauth = array('module' => 'default', 'controller' => 'user', 'action' => 'login');
   private $_noacl  = array('module' => 'default', 'controller' => 'user', 'action' => 'noAccess');
   
   public function __construct($auth, $acl)
   {
      $this->_auth = $auth;
      $this->_acl  = $acl;
   }
   public function preDispatch(Zend_Controller_Request_Abstract $request)
   {
      $role = ($this->_auth->hasIdentity()) ? $this->_auth->getStorage()->read()->role : 'guest';
   
      $controller = $request->controller;
      $action     = $request->action;
      $module     = $request->module;
      $resource   = $controller;
   
      if (!$this->_acl->has($resource)) {
         $resource = null;
      }
   
      if (!$this->_acl->isAllowed($role, $resource, $action)) {
         if (!$this->_auth->hasIdentity()) {
            $module     = $this->_noauth['module'];
            $controller = $this->_noauth['controller'];
            $action     = $this->_noauth['action'];
         } else {
            $module     = $this->_noacl['module'];
            $controller = $this->_noacl['controller'];
            $action     = $this->_noacl['action'];
         }
      }
         
      $request->setModuleName($module);
      $request->setControllerName($controller);
      $request->setActionName($action);
   }
}
?>
[PHP] pobierz, plaintext 

models/Acl.php

[PHP] pobierz, plaintext 
<?php
class Acl extends Zend_Acl
{
   public function __construct(Zend_Auth $auth)
   {      
      $this->add(new Zend_Acl_Resource('category'));
      $this->add(new Zend_Acl_Resource('error'));
      $this->add(new Zend_Acl_Resource('index'));
      $this->add(new Zend_Acl_Resource('localization'));
      $this->add(new Zend_Acl_Resource('object'));
      $this->add(new Zend_Acl_Resource('objectcategory'));
      $this->add(new Zend_Acl_Resource('objectelement'));
      $this->add(new Zend_Acl_Resource('objectphoto'));
      $this->add(new Zend_Acl_Resource('pattern'));
      $this->add(new Zend_Acl_Resource('patternelement'));
      $this->add(new Zend_Acl_Resource('postcode'));
      $this->add(new Zend_Acl_Resource('user'));
      
      # Guest
      $this->addRole(new Zend_Acl_Role('guest'));
      $this->allow('guest', 'index');
      $this->allow('guest', 'error');
      $this->allow('guest', 'user');
      
      # Editor
      $this->addRole(new Zend_Acl_Role('editor'), 'guest');
      $this->allow('editor', 'localization');
      $this->allow('editor', 'object');
      $this->allow('editor', 'objectcategory');
      $this->allow('editor', 'objectelement');
      $this->allow('editor', 'objectphoto');
      $this->allow('editor', 'postcode');
      
      # Manager
      $this->addRole(new Zend_Acl_Role('manager'), 'editor');
      $this->allow('manager', 'category');
      $this->deny('manager', 'object', 'activate');
      $this->allow('manager', 'pattern');
      $this->allow('manager', 'patternelement');
      
      # Administrator
      $this->addRole(new Zend_Acl_Role('administrator'));
      $this->allow('administrator'); 
   }
}
?>
[PHP] pobierz, plaintext 

Ten post edytował nexis 15.01.2009, 23:06:41

[qba_rox]

to prawda raz, ale nie chodzilo mi tu akurat o same obiekty helperow, tylko obiekty wewnatrz helpera, np obiekt modelu, konfiguracji (oczywiscie moze nie byc zadnych obiektow), poza tym odwolywanie sie dziesiatki razy do helpera nie jest wydajne, po to ludzie robia cos takiego.

Ten post edytował qba_rox 16.01.2009, 12:53:44