本文整理汇总了PHP中Zend_Acl::isAllowed方法的典型用法代码示例。如果您正苦于以下问题：PHP Zend_Acl::isAllowed方法的具体用法？PHP Zend_Acl::isAllowed怎么用？PHP Zend_Acl::isAllowed使用的例子？那么恭喜您，这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Zend_Acl的用法示例。
在下文中一共展示了Zend_Acl::isAllowed方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: preDispatch
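/**
 * Front-controller hook: stamps the logged-in identity and enforces the ACL
 * on requests that target an "admin" controller or the "admin" module.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 * @throws FansubCMS_Exception_Denied when the ACL denies the requested action
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $this->_initAcl();

    if ($this->_auth->hasIdentity()) {
        // Runs on every dispatched request, so last_login is refreshed per request.
        $ident = $this->_auth->getIdentity();
        $date = new Zend_Date();
        $ident->last_login = $date->get(DATABASE_DATE_FORMAT);
        $ident->save();
    }

    // Requests that are neither for an "admin" controller nor inside the
    // "admin" module are not access-controlled by this hook.
    if ($request->getControllerName() != 'admin' && $request->getModuleName() != 'admin') {
        return;
    }

    // Anonymous visitors may only reach admin/auth/login; anything else is
    // sent to the login form.
    $isLoginPage = $request->getControllerName() == 'auth'
        && $request->getActionName() == 'login'
        && $request->getModuleName() == 'admin';
    if (!$this->_auth->hasIdentity() && !$isLoginPage) {
        // NOTE(review): this relies on the redirector ending the request. If it
        // is configured not to exit, execution continues into the ACL check
        // below for an anonymous visitor — confirm.
        $redirect = new Zend_Controller_Action_Helper_Redirector();
        $redirect->gotoSimple('login', 'auth', 'admin');
    }

    // The user's own profile page is a free resource.
    if ($request->getModuleName() == 'user' && $request->getControllerName() == 'admin' && $request->getActionName() == 'profile') {
        return;
    }

    $resource = $request->getModuleName() . '_' . $request->getControllerName();

    // NOTE(review): the denial only fires for resources that ARE registered in
    // the ACL. An admin controller that was never registered passes this check
    // (default-allow) — confirm that is intended.
    // The privilege is checked against a fixed role name, not the identity
    // object; presumably _initAcl() builds that role for the current user — verify.
    if (
        $this->_acl->has($resource)
        && !$this->_acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $request->getActionName())
    ) {
        // Message typo fixed ("allowd" -> "allowed").
        throw new FansubCMS_Exception_Denied('The user is not allowed to do this');
    }
}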
示例2: checkAccess
/**
 * Decides whether the current visitor may access the resource behind $request.
 *
 * A throw-away ACL is built from the privileges stored for the resource; every
 * role listed there is allowed. The check is then made for the logged-in
 * user's role, or for the configured default role when nobody is logged in.
 * Every failure path returns false (deny by default).
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return bool true when access is granted
 */
public function checkAccess(Zend_Controller_Request_Abstract $request)
{
    $target = new User_Model_Acl_Resource();
    $target->getPrivileges($request);

    // No privileges or no resource id: lookup failed or nobody is allowed.
    if (!$target->privileges || !$target->resource_id) {
        return false;
    }

    $resourceId = $target->resource_id;
    $acl = new Zend_Acl();
    $acl->add(new Zend_Acl_Resource($resourceId));

    // Register each role once and grant it the resource.
    foreach ($target->privileges as $grant) {
        $grantedRole = $grant["role_id"];
        if ($acl->hasRole($grantedRole)) {
            continue;
        }
        $acl->addRole(new Zend_Acl_Role($grantedRole));
        $acl->allow($grantedRole, $resourceId);
    }

    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        // Logged in: the user's role must be one of the granted roles.
        $user = $auth->getIdentity();
        return $acl->hasRole($user['role_id']) && $acl->isAllowed($user['role_id'], $resourceId);
    }

    // Anonymous: fall back to the default role; the caller is expected to
    // send the visitor to the login page when this returns false.
    $fallback = new User_Model_Acl_Role();
    $fallback->getDefaultRole();

    return $fallback->default_role
        && $acl->hasRole($fallback->default_role)
        && $acl->isAllowed($fallback->default_role, $resourceId);
}
示例3: isAllowed
/**
 * Asks the configured ACL whether the current identity may use a resource.
 *
 * When no ACL has been set the method returns null rather than a boolean.
 * null is falsy, so a plain `if ($x->isAllowed(...))` still denies, but
 * callers comparing against `false` explicitly will not see a denial.
 *
 * @param string $resource
 * @param string $privilege
 * @return boolean|null null when no ACL is configured
 */
public function isAllowed($resource = null, $privilege = null)
{
    if ($this->_acl !== null) {
        return $this->_acl->isAllowed($this->getIdentity(), $resource, $privilege);
    }

    return null;
}
示例4: preDispatch
/**
 * Action-helper preDispatch hook: checks the ACL for the requested
 * controller (resource) and action (privilege) and re-routes denied
 * requests to default/auth/noaccess.
 *
 * @return void
 */
public function preDispatch()
{
    // Start from the configured default role; a logged-in identity that
    // carries a non-empty role overrides it.
    $role = Zend_Registry::get('config')->acl->defaultRole;
    if ($this->_auth->hasIdentity()) {
        $identity = $this->_auth->getIdentity();
        if (is_object($identity) && !empty($identity->role)) {
            $role = $identity->role;
        }
    }

    $request = $this->_action->getRequest();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $module = $request->getModuleName(); // read but not part of the resource name
    $this->_controllerName = $controller;

    // NOTE(review): the resource is the bare controller name, so controllers
    // with the same name in different modules share one rule set — confirm.
    // A controller that is not a registered resource is checked with a null
    // resource, i.e. against whatever rules the ACL holds for "all resources".
    $resource = $this->_acl->has($controller) ? $controller : null;
    $privilege = $action;

    // The error controller's error action is always reachable.
    if ($resource == 'error' && $privilege == 'error') {
        return;
    }

    if ($this->_acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    // Denied: point the request at the "no access" page and let the
    // dispatch loop run again with the new target.
    $request->setModuleName('default')->setControllerName('auth')->setActionName('noaccess');
    $request->setDispatched(false);
    return;
}
示例5: preDispatch
/**
 * Plugin preDispatch hook: when the current role may not run the requested
 * controller/action, remembers the original target in request params,
 * re-routes to auth/login and sets HTTP status 401.
 *
 * @param Zend_Controller_Request_Abstract $oHttpRequest
 */
public function preDispatch(Zend_Controller_Request_Abstract $oHttpRequest)
{
    $sControllerName = $oHttpRequest->getControllerName();
    $sActionName = $oHttpRequest->getActionName();

    $aRequestedParams = $oHttpRequest->getUserParams();
    $sQuery = '';
    unset($aRequestedParams['controller']);
    unset($aRequestedParams['action']);

    // Role comes from the auth storage; anonymous visitors are "guest".
    $sRole = 'guest';
    if (Zend_Auth::getInstance()->hasIdentity()) {
        $aData = Zend_Auth::getInstance()->getStorage()->read();
        $sRole = $aData['role'];
    }

    if ($this->_oAcl->isAllowed($sRole, $sControllerName, $sActionName)) {
        return;
    }

    // Remember where the visitor wanted to go.
    $oHttpRequest->setParam('referer_controller', $sControllerName);
    $oHttpRequest->setParam('referer_action', $sActionName);

    // Flatten the remaining params into "key/value/key/value/".
    // NOTE(review): keys and values come straight from the request; whatever
    // later reads 'query' should presumably treat it as untrusted input.
    $aParams = array();
    if (count($aRequestedParams)) {
        foreach ($aRequestedParams as $sKey => $sValue) {
            array_push($aParams, $sKey, $sValue);
        }
        $sQuery = implode('/', $aParams) . '/';
    }
    $oHttpRequest->setParam('query', $sQuery);

    $oHttpRequest->setControllerName('auth')->setActionName('login');
    $this->_response->setHttpResponseCode(401);
}
示例6: testDeniesProfileEditToNonAdmin
/**
 * The user "foo" must not be allowed to update the profile of "admin".
 */
public function testDeniesProfileEditToNonAdmin()
{
    $users = new Default_Model_Mapper_Mongo_UserMapper();
    $actor = $users->findByUserName('foo');      // used as the ACL role
    $target = $users->findByUserName('admin');   // used as the ACL resource

    $this->assertFalse($this->_acl->isAllowed($actor, $target, 'update'));
}
示例7: isAllowed
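/**
 * Checks a role's access to a resource/privilege through the wrapped ACL.
 *
 * Unknown resources are replaced by null so that the ACL is queried for its
 * "all resources" rules instead of throwing for an unregistered resource.
 *
 * @param string|null $resource
 * @param string|null $privilege
 * @param string|null $role
 * @return boolean
 */
public function isAllowed($resource = null, $privilege = null, $role = null)
{
    if (!$this->_acl->has($resource)) {
        $resource = null;
    }

    // Zend_Acl::isAllowed() takes (role, resource, privilege). The original
    // forwarded (resource, privilege, role), which evaluates the resource
    // name as the role and therefore answers a different question.
    // NOTE(review): assumes $this->_acl is a Zend_Acl or keeps its argument
    // order — confirm.
    return $this->_acl->isAllowed($role, $resource, $privilege);
}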
示例8: _isAuthorized
/**
 * Tells whether the current identity (or 'guest' when nobody is logged in)
 * may perform $action on $resource. Resources that are not registered in
 * the ACL are denied.
 *
 * @param string $resource
 * @param string $action
 * @return bool
 */
protected function _isAuthorized($resource, $action)
{
    if ($this->_auth->hasIdentity()) {
        $user = $this->_auth->getIdentity();
    } else {
        $user = 'guest';
    }

    return $this->_acl->has($resource) && $this->_acl->isAllowed($user, $resource, $action);
}
示例9: _isAuthorized
/**
 * Tells whether the current identity may run $action on $controller.
 * The ACL is fetched from the registry on every call; controllers that are
 * not registered as resources are denied.
 *
 * @param string $controller
 * @param string $action
 * @return bool
 */
protected function _isAuthorized($controller, $action)
{
    $this->_acl = Zend_Registry::get('acl');

    // NOTE(review): the identity is used as the role without a hasIdentity()
    // check; for an anonymous visitor this is presumably null, which the ACL
    // would evaluate against its "all roles" rules — confirm.
    $user = $this->_auth->getIdentity();

    return $this->_acl->has($controller) && $this->_acl->isAllowed($user, $controller, $action);
}
示例10: isAllowed
/**
 * Whether access to the given MVC page is permitted.
 *
 * NOTE(review): a page whose resource is not registered in the ACL is
 * reported as allowed (default-allow); only registered resources are
 * actually checked. Confirm that every protected page is registered.
 *
 * @param string $action
 * @param string $controller
 * @param string $module
 * @param array $params not used by this method
 * @return boolean
 */
public function isAllowed($action, $controller, $module, $params = array())
{
    $resource = ZtChart_Model_Acl_Resource::parsePageMvc($action, $controller, $module);

    if ($this->_acl->has($resource)) {
        return $this->_acl->isAllowed($this->_role(), $resource, $this->_privileges());
    }

    return true;
}
示例11: isAllowed
/**
 * Checks whether the logged-in user's role holds $privilege on $resource.
 *
 * The ACL is taken from the registry on first use and cached statically.
 * NOTE(review): resources that are not registered in the ACL are reported
 * as allowed (default-allow) — confirm that is intended.
 *
 * @param Zend_Acl_Resource $resource
 * @param string $privilege
 * @return boolean
 */
public function isAllowed($resource, $privilege)
{
    if (empty(self::$_acl)) {
        self::$_acl = Zend_Registry::get('Zend_Acl');
    }

    if (self::$_acl->has($resource)) {
        return self::$_acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $privilege);
    }

    return true;
}
示例12: assert
/**
 * ACL assertion: grants access when the role holds the "<privilege>All"
 * privilege, or holds "<privilege>Self" and _userOwnsRecord() reports
 * ownership. Roles that are not User instances are always denied.
 */
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
    $allPriv = $privilege . 'All';
    $selfPriv = $privilege . 'Self';

    if (!($role instanceof User)) {
        return false;
    }

    $mayAll = $acl->isAllowed($role, $resource, $allPriv);
    $maySelf = $acl->isAllowed($role, $resource, $selfPriv);
    $isOwner = $this->_userOwnsRecord($role, $resource);

    // && binds tighter than ||; the parentheses only make that explicit.
    return $mayAll || ($maySelf && $isOwner);
}
示例13: preDispatch
/**
 * Plugin preDispatch hook: checks the logged-in identity against the ACL
 * for the requested module and re-routes denied requests.
 *
 * @see Zend_Controller_Plugin_Abstract::preDispatch()
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Identity of the logged-in user (expected to be an array).
    $role = $this->auth->getIdentity();

    // The resource being accessed is the module name.
    $module = $this->getRequest()->getModuleName();
    $resource = $module;

    // The privilege is the controller name, but only inside the "admin" and
    // "sac" modules; elsewhere no privilege is passed.
    $action = ($module != 'admin' && $module != 'sac')
        ? null
        : $this->getRequest()->getControllerName();

    // NOTE(review): any request whose action or controller is named "upload"
    // skips every check below, including the identity check — confirm the
    // upload endpoints enforce access themselves.
    if ($request->getActionName() == 'upload' || $request->getControllerName() == 'upload') {
        return;
    }

    // A non-array identity is treated as garbage: drop it and go to the
    // admin login.
    if (!is_array($role)) {
        $params = array();
        $this->auth->clearIdentity();
        $request->setModuleName('admin')->setControllerName('login')->setActionName('index');
        return;
    }

    // Allowed only when the resource exists and the user's role may use it.
    if ($this->acl->has($resource) && $this->acl->isAllowed($role['usuario'], $resource, $action)) {
        return;
    }

    $params = array();
    if ($role['usuario'] != 'visitante') {
        // Logged-in user without permission: back to the admin index with an
        // error message.
        $params['erro'] = 'Você não possui permissão de acesso a este recurso.';
        $request->setModuleName('admin')->setControllerName('index')->setActionName('index')->setParams($params);
    } elseif ($module == "sac") {
        // Visitor inside the "sac" module: that module's login.
        $request->setModuleName('sac')->setControllerName('login')->setActionName('index')->setParams($params);
    } else {
        // Any other visitor: the admin login.
        $request->setModuleName('admin')->setControllerName('login')->setActionName('index')->setParams($params);
    }
    return;
}
示例14: preDispatch
/**
 * Called before an action is dispatched by Zend_Controller_Dispatcher.
 *
 * Resolves the visitor's role and the requested resource, publishes both in
 * Zend_Registry ('Role', 'Resource') and re-routes logged-in users who are
 * denied to default/error/forbidden.
 *
 * NOTE(review): a denied request from a visitor WITHOUT an identity is not
 * re-routed here; presumably another component acts on the registry values —
 * verify, otherwise guests are not stopped by this hook.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Reset role & resource before anything else.
    Zend_Registry::set('Role', 'guest');
    Zend_Registry::set('Resource', '');

    // Nothing to check while the error handler is running.
    if ($request->getParam('error_handler')) {
        return;
    }

    $module = $request->getModuleName();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $pathInfo = $request->getPathInfo(); // not used below
    $allow = false;

    // Role name: looked up from the identity's role id, else "guest".
    $roleName = 'guest';
    if ($this->_auth->hasIdentity()) {
        $userId = $this->_auth->getIdentity(); // not used below
        $roleId = $this->_auth->getRoleId();
        $rolesList = $this->_em->find('Roles', $roleId);
        $roleName = $rolesList->getRoleName();
    }
    $role = new Zend_Acl_Role($roleName);

    // Resource is "[module/]controller/action"; the module prefix is omitted
    // for the default module and an empty action means "index".
    $resource = trim($controller) . '/' . ($action == '' ? 'index' : trim($action));
    if ($module != 'default') {
        $resource = $module . "/" . $resource;
    }

    // On the main page the resource might be empty.
    if ($resource == '') {
        $resource = 'index/index';
    }

    // Unknown action-level resource: fall back to the controller-level one.
    if (!$this->_acl->has($resource) && $action != '') {
        $resource = trim($controller);
    }

    $allow = $this->_acl->isAllowed($role, $resource);
    if (!$allow && $this->_auth->hasIdentity()) {
        // Logged in but denied: show the "forbidden" page. Only the route is
        // changed; no HTTP status code is set here.
        $request->setModuleName('default');
        $request->setControllerName('error');
        $request->setActionName('forbidden');
    }

    Zend_Registry::set('Role', $role);
    Zend_Registry::set('Resource', $resource);
}
示例15: assert
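/**
 * ACL assertion: grants access when the role holds "<privilege>:all", or
 * holds "<privilege>:mine" and created the resource.
 *
 * @param Zend_Acl $acl
 * @param Zend_Acl_Role_Interface|null $role
 * @param Zend_Acl_Resource_Interface|null $resource
 * @param string|null $privilege
 * @return bool
 */
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
    if ($acl->isAllowed($role, $resource, $privilege . ':all')) {
        return true;
    }

    if (!$acl->isAllowed($role, $resource, $privilege . ':mine')) {
        return false;
    }

    // Both arguments are nullable. Without this guard a null role and a null
    // resource would read two missing properties and compare null == null,
    // which grants access.
    if ($role === null || $resource === null) {
        return false;
    }

    $ownerId = $resource->createdBy;
    $roleId = $role->id;

    // A missing owner or a missing role id must never count as a match.
    if ($ownerId === null || $roleId === null) {
        return false;
    }

    // Loose comparison kept on purpose: ids may arrive as int on one side
    // and numeric string on the other.
    return $ownerId == $roleId;
}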