本文整理汇总了PHP中Zend_Acl::addRole方法的典型用法代码示例。如果您正苦于以下问题:PHP Zend_Acl::addRole方法的具体用法?PHP Zend_Acl::addRole怎么用?PHP Zend_Acl::addRole使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Zend_Acl的用法示例。
在下文中一共展示了Zend_Acl::addRole方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: _getAcl
protected function _getAcl()
{
$acl = false;
if (Zend_Registry::isRegistered('cache')) {
$cache = Zend_Registry::get('cache');
$acl = $cache->load('acl');
}
if (!$acl) {
$acl = new Zend_Acl();
$role = new Auth_Model_DbTable_Role();
$resource = new Auth_Model_DbTable_Resource();
$roleResource = new Auth_Model_DbTable_RoleResource();
$roles = $role->fetchAll("name <> 'Todos'");
$resources = $resource->getDistinctModules();
$relations = $roleResource->fetchAllRelations();
$acl->addRole('Todos');
foreach ($roles as $role) {
$acl->addRole($role['name'], 'Todos');
}
foreach ($resources as $resource) {
$acl->addResource($resource['module']);
}
foreach ($relations as $relation) {
$acl->allow($relation['name'], $relation['module'], $relation['privilege']);
}
if (Zend_Registry::isRegistered('cache')) {
$cache->save($acl, 'acl');
}
}
Zend_Registry::set('acl', $acl);
return $acl;
}示例2: __construct
public function __construct()
{
$acl = new Zend_Acl();
//ролі
$acl->addRole(new Zend_Acl_Role('guest'));
//user наслідує усі параметри guest
$acl->addRole(new Zend_Acl_Role('user'), 'guest');
$acl->addRole(new Zend_Acl_Role('admin'));
//ресурси - доступні контролери
$acl->add(new Zend_Acl_Resource('users'));
$acl->add(new Zend_Acl_Resource('index'));
//дозвіл
$acl->deny();
//заборонити доступ всім
$acl->allow('admin', null);
//дозволити доступ admin-у до всього
//users це resource - контролер
// далі $privilege - екшн
$acl->allow('guest', 'users', array('login', 'registration', 'confirm'));
$acl->allow('guest', 'index');
$acl->allow('user', 'users', array('logout'));
$acl->deny('user', 'users', array('login', 'registration'));
//глобальний доступ до змінної
//щоб використати у видах
Zend_Registry::set('acl', $acl);
/*
//isAllowed() - чи має доступ $role до $resourse і $privilege
//$resource - контролер
//$privilege - екшн
if($acl->isAllowed($role, $resource, $privilege)){
} */
}示例3: preDispatch
/**
* Hlavni logika ACL
*
* @param $request
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$controller = $request->getControllerName();
$action = $request->getActionName();
$module = $request->getModuleName();
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
$acl = new Zend_Acl();
$identity = $auth->getIdentity();
$acl->addRole(new Zend_Acl_Role('user'))->addRole(new Zend_Acl_Role('owner'))->addRole(new Zend_Acl_Role('admin'), 'owner');
if ($identity->owner == true) {
$inherit = 'owner';
} elseif ($identity->administrator == true) {
$inherit = 'admin';
} else {
$inherit = 'user';
}
$acl->addRole(new Zend_Acl_Role($identity->email), $inherit);
$projekt = $request->getParam('projekt');
// Zakladni resource
foreach ($this->_resources as $val => $key) {
$acl->add(new Zend_Acl_Resource($key));
}
// Prava pro zakladni resource
$acl->allow('owner');
$acl->deny('admin', 'account');
$acl->allow('user', array('index', 'project', 'assignment', 'calendar', 'people', 'auth', 'redir'));
$acl->deny('user', 'account');
$acl->deny('user', 'project', $this->_create);
$acl->deny('user', 'people', $this->_create);
$acl->deny('user', 'project', $this->_manage);
$acl->deny('user', 'people', $this->_manage);
if ($request->id == $identity->iduser) {
$acl->allow('user', 'people', $this->_manage);
}
// Resource pro projektovou podsekci
$this->_projectAcl($acl, $identity);
Zend_Registry::set('acl', $acl);
if ($identity->administrator == 1) {
$isAllowed = true;
} elseif (in_array($projekt . '|' . $request->getControllerName(), $this->_resources)) {
$isAllowed = $acl->isAllowed($identity->email, $projekt . '|' . $request->getControllerName(), $request->getActionName());
} elseif (in_array($request->getControllerName(), $this->_resources)) {
$isAllowed = $acl->isAllowed($identity->email, $request->getControllerName(), $request->getActionName());
} else {
$isAllowed = false;
}
$error = $request->getParam('error_handler');
if (is_null($error)) {
if (!$isAllowed) {
$module = $this->_noacl['module'];
$controller = $this->_noacl['controller'];
$action = $this->_noacl['action'];
}
}
$request->setModuleName($module);
$request->setControllerName($controller);
$request->setActionName($action);
}
}示例4: _setupRoles
protected function _setupRoles()
{
$this->_acl->addRole(new Zend_Acl_Role('guest'));
$this->_acl->addRole(new Zend_Acl_Role('usuario'), 'guest');
$this->_acl->addRole(new Zend_Acl_Role('admin'), 'usuario');
$this->_acl->addRole(new Zend_Acl_Role('gestao'), 'admin');
}示例5: init
public function init()
{
$acl = new Zend_Acl();
$acl->addRole(OpenSKOS_Db_Table_Users::USER_ROLE_GUEST);
$acl->addRole(OpenSKOS_Db_Table_Users::USER_ROLE_USER, OpenSKOS_Db_Table_Users::USER_ROLE_GUEST);
$acl->addRole(OpenSKOS_Db_Table_Users::USER_ROLE_EDITOR, OpenSKOS_Db_Table_Users::USER_ROLE_USER);
$acl->addRole(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, OpenSKOS_Db_Table_Users::USER_ROLE_EDITOR);
$acl->addRole(OpenSKOS_Db_Table_Users::USER_ROLE_ROOT, OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR);
$acl->addResource('website');
$acl->addResource('editor');
$acl->addResource('editor.concepts', 'editor');
$acl->addResource('editor.concept-schemes', 'editor');
$acl->addResource('editor.institution', 'editor');
$acl->addResource('editor.collections', 'editor');
$acl->addResource('editor.delete-all-concepts-in-collection', 'editor');
$acl->addResource('editor.users', 'editor');
$acl->addResource('editor.jobs', 'editor');
$acl->addResource('editor.manage-search-profiles', 'editor');
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_GUEST, 'website', 'view');
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_USER, 'editor', 'view');
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_USER, 'editor.concepts', 'view');
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_EDITOR, 'editor.concepts', array('propose'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.concepts', array('full-create', 'edit', 'delete', 'bulk-status-edit'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.concept-schemes', array('index', 'create', 'edit', 'delete', 'manage-icons'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.institution', null);
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.collections', array('index', 'manage'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.users', array('index', 'manage'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.jobs', array('index', 'manage'));
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ADMINISTRATOR, 'editor.manage-search-profiles', null);
$acl->allow(OpenSKOS_Db_Table_Users::USER_ROLE_ROOT, 'editor.delete-all-concepts-in-collection', null);
Zend_Registry::set(self::REGISTRY_KEY, $acl);
//store the ACL for the view:
Zend_View_Helper_Navigation_HelperAbstract::setDefaultAcl($acl);
}示例6: __construct
public function __construct()
{
$acl = new Zend_Acl();
// добавляем роли
$acl->addRole(new Zend_Acl_Role('guest'));
$acl->addRole(new Zend_Acl_Role('admin'));
// добавляем ресурсы
$acl->add(new Zend_Acl_Resource('sites'));
$acl->add(new Zend_Acl_Resource('index'));
$acl->add(new Zend_Acl_Resource('logs'));
$acl->add(new Zend_Acl_Resource('auth'));
$acl->add(new Zend_Acl_Resource('maps'));
$acl->add(new Zend_Acl_Resource('best'));
$acl->add(new Zend_Acl_Resource('news'));
// если нет роли то все запрещаем
$acl->deny();
// админу по умолчанию разрешено все
$acl->allow('admin', null);
// гостю только контроллер с экшеном для входа
$acl->allow('guest', 'auth', array('index', 'check'));
$acl->allow('guest', 'maps', array('cronmaps'));
$acl->allow('guest', array('module' => 'best', 'controller' => 'news'), array('scan', 'redirect'));
// если надо запретить экшены в разрешенном контроллере
/*$acl->deny('user', 'users', array(
'login', 'registration'
));
*
*/
Zend_Registry::set('acl', $acl);
}示例7: init
/**
* (non-PHPdoc)
* @see Zend_Application_Resource_ResourceAbstract#init()
*/
public function init()
{
$this->_acl = new Zend_Acl();
// static roles
$this->_acl->addRole(new Zend_Acl_Role('all'));
$this->_acl->addRole(new Zend_Acl_Role('anonymous'), 'all');
$this->_acl->addRole(new Zend_Acl_Role('identified'), 'all');
// dinamic roles
foreach ($this->_roles as $roleName) {
if (!$this->_acl->hasRole($roleName)) {
$this->_acl->addRole(new Zend_Acl_Role($roleName), 'identified');
}
}
// var_dump($this->_resources);exit;
// rules
foreach ($this->_resources as $module => $grants) {
$module = strtolower($module);
$this->_acl->add(new Zend_Acl_Resource($module));
foreach ($grants as $controller => $grant) {
$controller = strtolower($controller);
foreach ($grant as $action => $roles) {
$resource = $controller . self::RESOURCE_SEPARATOR . $action;
foreach (explode(',', $roles) as $role) {
if (!empty($role)) {
$this->_acl->allow(trim($role), $module, $resource);
}
}
}
}
}
Zend_Registry::set('acl', $this->_acl);
return $this->_acl;
}示例8: _initAlc
protected function _initAlc()
{
// Создаём объект Zend_Acl
$acl = new Zend_Acl();
//$acl->removeAll();
// указываем, что у нас есть ресурсы
//$acl->addResource(new Zend_Acl_Resource('error'));
$acl->addResource(new Zend_Acl_Resource('auth'));
$acl->addResource(new Zend_Acl_Resource('index'));
$acl->addResource(new Zend_Acl_Resource('models-generator'));
$acl->addResource(new Zend_Acl_Resource('slugify'));
$acl->addResource(new Zend_Acl_Resource('sefurl'));
$acl->addResource(new Zend_Acl_Resource('search-index'));
$acl->addResource(new Zend_Acl_Resource('test'));
$acl->addResource(new Zend_Acl_Resource('xml-catalog-generator'));
$acl->addResource(new Zend_Acl_Resource('csv-catalog-generator'));
$acl->addResource(new Zend_Acl_Resource('cache-manager'));
$acl->addResource(new Zend_Acl_Resource('update-image-catalog'));
$acl->addResource(new Zend_Acl_Resource('products-draft'));
// далее переходим к созданию ролей, которых у нас 2:
// гость (неавторизированный пользователь)
$acl->addRole('guest');
// администратор, который наследует доступ от гостя
$acl->addRole('admin', 'guest');
$acl->deny();
//$acl->allow('guest', array('default', 'catalog', 'error'));
$acl->allow('guest', 'auth');
$acl->allow('admin');
// получаем экземпляр главного контроллера
$fc = Zend_Controller_Front::getInstance();
// регистрируем плагин с названием AclUtils, в который передаём
// на ACL и экземпляр Zend_Auth
$fc->registerPlugin(new Plugin_AclUtils($acl, Zend_Auth::getInstance()));
}示例9: _setupRoles
protected function _setupRoles()
{
$this->_acl->addRole(new Zend_Acl_Role('guest'));
$this->_acl->addRole(new Zend_Acl_Role('editor'));
$this->_acl->addRole(new Zend_Acl_Role('desen'));
$this->_acl->addRole(new Zend_Acl_Role('admin'));
}示例10: preDispatch
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role(Model_Role::GUEST));
$acl->addRole(new Zend_Acl_Role(Model_Role::ADMIN), Model_Role::GUEST);
$acl->addResource(new Zend_Acl_Resource('admin'));
$acl->addResource(new Zend_Acl_Resource('blog'));
$acl->addResource(new Zend_Acl_Resource('error'));
$acl->addResource(new Zend_Acl_Resource('index'));
$acl->allow(Model_Role::GUEST, 'blog');
$acl->allow(Model_Role::GUEST, 'error');
$acl->allow(Model_Role::GUEST, 'index');
$acl->allow(Model_Role::GUEST, 'admin', array('login'));
$acl->allow(Model_Role::ADMIN, 'admin');
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
$user = new Model_User($auth->getIdentity());
$role = $user->role_id;
} else {
$role = Model_Role::GUEST;
}
$resource = $request->getControllerName();
$privilege = $request->getActionName();
if (!$acl->isAllowed($role, $resource, $privilege)) {
$this->_request->setControllerName('admin')->setActionName('login');
$this->_response->setRedirect('/admin/login/');
}
}示例11: getAcl
public function getAcl()
{
$acl = new Zend_Acl();
// Add roles.
$acl->addRole('super');
// Admins inherit privileges from super users.
$acl->addRole('admin', 'super');
$acl->addRole('researcher');
// Contributors inherit privileges from researchers.
$acl->addRole('contributor', 'researcher');
// Add resources, corresponding to Omeka controllers.
$resources = array('Items', 'Collections', 'ElementSets', 'Files', 'Plugins', 'Settings', 'Security', 'Upgrade', 'Tags', 'Themes', 'SystemInfo', 'ItemTypes', 'Users', 'Search', 'Appearance', 'Elements');
foreach ($resources as $resource) {
$acl->addResource($resource);
}
// Define allow rules for everyone.
// Everyone can view and browse these resources.
$acl->allow(null, array('Items', 'ItemTypes', 'Tags', 'Collections', 'Search', 'ElementSets', 'Elements'), array('index', 'browse', 'show', 'home', 'print-cart'));
// Everyone can view an item's tags and use the item search.
$acl->allow(null, array('Items'), array('tags', 'search'));
// Everyone can view files.
$acl->allow(null, 'Files', 'show');
// Non-authenticated users can access the upgrade script, for logistical reasons.
$acl->allow(null, 'Upgrade');
// Deny privileges from admin users
$acl->deny('admin', array('Settings', 'Plugins', 'Themes', 'ElementSets', 'Security', 'SystemInfo', 'Appearance'));
// Assert ownership for certain privileges.
// Owners can edit and delete items and collections.
$acl->allow(null, array('Items', 'Collections'), array('edit', 'delete'), new Omeka_Acl_Assert_Ownership());
// Owners can edit files.
$acl->allow(null, 'Files', 'edit', new Omeka_Acl_Assert_Ownership());
// Define allow rules for specific roles.
// Super users have full privileges.
$acl->allow('super');
// Researchers can view and search items and collections that are not public.
$acl->allow('researcher', array('Items', 'Collections', 'Search'), 'showNotPublic');
// Contributors can add and tag items, edit or delete their own items, and see
// their items that are not public.
$acl->allow('contributor', 'Items', array('add', 'tag', 'batch-edit', 'batch-edit-save', 'change-type', 'delete-confirm', 'editSelf', 'deleteSelf', 'showSelfNotPublic'));
// Contributors can edit their own files.
$acl->allow('contributor', 'Files', 'editSelf');
// Contributors have access to tag autocomplete.
$acl->allow('contributor', 'Tags', array('autocomplete'));
// Contributors can add collections, edit or delete their own collections, and
// see their collections that are not public.
$acl->allow('contributor', 'Collections', array('add', 'delete-confirm', 'editSelf', 'deleteSelf', 'showSelfNotPublic'));
$acl->allow('contributor', 'Elements', 'element-form');
// Define deny rules.
// Deny admins from accessing some resources allowed to super users.
$acl->deny('admin', array('Settings', 'Plugins', 'Themes', 'ElementSets', 'Security', 'SystemInfo'));
// Deny admins from deleting item types and item type elements.
$acl->deny('admin', 'ItemTypes', array('delete', 'delete-element'));
// Deny Users to admins since they normally have all the super permissions.
$acl->deny(null, 'Users');
$acl->allow(array('super', 'admin', 'contributor', 'researcher'), 'Users', null, new Omeka_Acl_Assert_User());
// Always allow users to login, logout and send forgot-password notifications.
$acl->allow(array(null, 'admin'), 'Users', array('login', 'logout', 'forgot-password', 'activate'));
return $acl;
}示例12: getAcl
public static function getAcl()
{
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('everyone'));
$acl->addRole(new Zend_Acl_Role('blocked'), 'everyone');
$acl->addRole(new Zend_Acl_Role('self'), 'everyone');
return $acl;
}示例13: getAcl
/**
* Return the acl under test
*
* @return Zend_Acl
*/
protected function getAcl()
{
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('guest'));
$acl->addRole(new Zend_Acl_Role('user'));
$acl->addResource('foo');
$acl->allow('user', 'foo');
return $acl;
}示例14: getAcl
public static function getAcl()
{
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('everyone'));
$acl->addRole(new Zend_Acl_Role('creator'), 'everyone');
$acl->addRole(new Zend_Acl_Role('user'), 'everyone');
$acl->addRole(new Zend_Acl_Role('creator_user'), 'creator');
return $acl;
}示例15: _setupRoles
/**
* _setupRoles
*
* @return void
*/
protected function _setupRoles()
{
$this->_roles = $this->_roleService->getAllRoles();
foreach ($this->_roles as $i) {
$this->_acl->addRole($i);
}
$currentRoles = Zend_Registry::get('Default_DiContainer')->getUserService()->getIdentity()->getRoles();
$this->_acl->addRole(new Zend_Acl_Role('user'), $currentRoles);
}