本文整理汇总了PHP中Zend\Permissions\Acl\Acl::isAllowed方法的典型用法代码示例。如果您正苦于以下问题:PHP Acl::isAllowed方法的具体用法?PHP Acl::isAllowed怎么用?PHP Acl::isAllowed使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Zend\Permissions\Acl\Acl
的用法示例。
在下文中一共展示了Acl::isAllowed方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: _checkAcl
/**
 * Guard that aborts the current operation unless the current user's role
 * holds the requested privilege on this object.
 *
 * The role is resolved through a UserService built on the entity manager, and
 * $this is handed to the ACL as the resource being checked.
 *
 * @param string $priviledge Privilege name to look up in the ACL.
 * @return void Returns normally only when access is granted.
 * @throws AccessProhibitedException When the ACL does not grant the privilege.
 */
protected function _checkAcl($priviledge)
{
    $currentRole = (new UserService($this->_em))->getCurrentRole();
    $granted = $this->_acl->isAllowed($currentRole, $this, $priviledge);

    if ($granted) {
        return;
    }

    // Deny by exception so a caller cannot carry on by ignoring a return value.
    throw new AccessProhibitedException('Access is prohibited.');
}
示例2: isAllowed
/**
 * Ask the ACL whether the current identity's role may use a resource/privilege.
 *
 * @param string|null $resource  Resource to check; null is forwarded to the ACL unchanged.
 * @param string|null $privilege Privilege to check; null is forwarded to the ACL unchanged.
 * @return boolean Result of the underlying Acl::isAllowed() call.
 */
public function isAllowed($resource = null, $privilege = null)
{
    // getAcl() is invoked only for its effect when no ACL is held yet;
    // presumably it populates $this->acl (confirm in the class).
    if ($this->acl === null) {
        $this->getAcl();
    }

    // NOTE(review): getIdentity() is dereferenced without a null check, so this
    // relies on an identity object always being present (for example a guest
    // identity for anonymous requests); confirm against the callers.
    $roleId = $this->getIdentity()->getRoleId();

    return $this->acl->isAllowed($roleId, $resource, $privilege);
}
示例3: testBuildItemWillAddRulesToAcl
/**
 * buildItem() must add the rules that grant 'guest' the 'login' resource and
 * 'user' the 'GET' privilege; neither is granted before the call.
 */
public function testBuildItemWillAddRulesToAcl()
{
    $acl = $this->acl;

    // Baseline: the ACL denies both checks until the builder has run.
    $this->assertFalse($acl->isAllowed('guest', 'login'));
    $this->assertFalse($acl->isAllowed('user', null, 'GET'));

    $built = $this->object->buildItem();
    $this->assertTrue($built);

    // The same two checks must now pass.
    $this->assertTrue($acl->isAllowed('guest', 'login'));
    $this->assertTrue($acl->isAllowed('user', null, 'GET'));
}
示例4: can
/**
 * Report whether at least one of the held roles is allowed the action.
 *
 * A single allowing role is enough: the loop stops at the first grant, so a
 * deny rule attached to another role in $this->roles does not veto it.
 * An empty role list yields false.
 *
 * @param \Zend\Permissions\Acl\Resource\ResourceInterface|string $resource
 * @param string $action Privilege name passed to the ACL.
 * @return bool
 */
public function can($resource, $action)
{
    foreach ($this->roles as $candidateRole) {
        if (!$this->acl->isAllowed($candidateRole, $resource, $action)) {
            continue;
        }

        return true;
    }

    return false;
}
示例5: testBuildCanAcceptXMLAsString
/**
 * The builder must accept the ACL definition as an XML string (wrapped in
 * StringType) and produce the expected role, resource and allow rules.
 */
public function testBuildCanAcceptXMLAsString()
{
    $fixturePath = __DIR__ . '/fixtures/test.xml';
    $xml = file_get_contents($fixturePath);
    $acl = $this->acl;

    $this->object = new AclBuilder(new StringType($xml), $acl);
    $this->assertTrue($this->object->build());

    // Structure declared in the fixture.
    $this->assertTrue($acl->hasRole('guest'));
    $this->assertTrue($acl->hasResource('logout'));

    // Rules declared in the fixture.
    $this->assertTrue($acl->isAllowed('guest', 'login'));
    $this->assertTrue($acl->isAllowed('user', null, 'GET'));
}
示例6: handle
/**
 * Middleware: let the request through only when the ACL allows the caller.
 *
 * Anonymous visitors are checked as the fixed 'guest' role; for an
 * authenticated request the user object returned by the auth guard is handed
 * to the ACL as the role.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @param string|null $resource   Resource to check. Left null, the ACL is asked
 *                                about its rule for all resources, so a route
 *                                wired without this parameter only passes when
 *                                such a blanket rule exists.
 * @param string|null $permission Privilege to check; null means all privileges.
 * @return mixed Response from notAllowed() on denial, otherwise the result of $next.
 */
public function handle(Request $request, Closure $next, $resource = null, $permission = null)
{
    $role = $this->auth->guest() ? 'guest' : $this->auth->user();

    if (!$this->acl->isAllowed($role, $resource, $permission)) {
        // Denied: the rest of the pipeline is never invoked.
        return $this->notAllowed($request);
    }

    return $next($request);
}
示例7: isAllowed
/**
 * Check whether a user may exercise a privilege on a resource.
 *
 * Every role returned by $user->getRoles() is tried in order and the first
 * one the ACL allows decides the result, so a deny rule on one role does not
 * override an allow rule on another. A user with no roles is denied.
 *
 * @param object $user      Must expose getRoles(); it is dereferenced without a null check.
 * @param string $resource
 * @param string $privilege
 * @return bool
 */
public function isAllowed($user, $resource, $privilege)
{
    $userRoles = $user->getRoles();

    foreach ($userRoles as $candidateRole) {
        if (!$this->acl->isAllowed($candidateRole, $resource, $privilege)) {
            continue;
        }

        return true;
    }

    return false;
}
示例8: checkAutorisation
/**
 * Check whether a named user may reach a route.
 *
 * The user-to-role mapping is read from the INI file configured under
 * ['auth']['filePath']. Every failure path denies: an unreadable file, an
 * unknown user, an unknown route resource or an unknown role all return false.
 *
 * NOTE(review): the INI file decides each user's role, so it needs the same
 * protection as any credential store (outside the web root, not writable by
 * the web server user); confirm in deployment.
 *
 * @param string $name      User name, used as a key into the INI data.
 * @param string $routename Route name, used as the ACL resource.
 * @return boolean
 */
public function checkAutorisation($name, $routename)
{
    $this->initAcl();

    $config = $this->getServiceLocator()->get('Config');
    $iniPath = $config['auth']['filePath'];
    $iniReader = new Ini();

    try {
        $roleByUser = $iniReader->fromFile($iniPath);
    } catch (\Exception $readError) {
        // Fail closed: log the cause and deny when the mapping cannot be read.
        error_log($readError->getMessage());

        return false;
    }

    if (!is_array($roleByUser) || !array_key_exists($name, $roleByUser)) {
        return false;
    }

    $role = $roleByUser[$name];

    // Probe the registry first so isAllowed() is never called with an
    // unregistered resource or role.
    if (!$this->acl->hasResource($routename) || !$this->acl->hasRole($role)) {
        return false;
    }

    return (bool) $this->acl->isAllowed($role, $routename);
}
示例9: testAllowNullPermissionAfterResourcesExistShouldAllowAllPermissionsForRole
/**
 * allow() with only a role, called after a resource has been registered,
 * must grant that role everything: isAllowed('admin') with no resource or
 * privilege has to return true.
 *
 * @group 4226
 */
public function testAllowNullPermissionAfterResourcesExistShouldAllowAllPermissionsForRole()
{
    $acl = $this->_acl;

    $acl->addRole('admin');
    $acl->addResource('newsletter');

    // Blanket allow: no resource and no privilege given.
    $acl->allow('admin');

    $this->assertTrue($acl->isAllowed('admin'));
}
示例10: isAuthorized
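/**
 * Decide whether the adapter's current role may use its current resource and privilege.
 *
 * For a resource registered in this ACL the method either returns true or
 * throws; it never returns false. The pre-checks exist to raise a specific
 * exception, while the access decision itself is made by parent::isAllowed().
 *
 * NOTE(review): a resource that is NOT registered in this ACL is authorised
 * unconditionally (the early "return true" below). Anything missing from the
 * resource list is therefore open by default; confirm that this is intended,
 * or register every protected resource.
 *
 * @return bool True when access is granted, or when the resource is not registered.
 * @throws Exception\RoleNotDefinedException                 The role is not registered in the ACL.
 * @throws Exception\ResourceHaveNoAllowRuleException        The rules hold no allow entry for the resource.
 * @throws Exception\ResourcePrivilegeHaveNoAllowRuleException The resource has no allow entry for the privilege.
 * @throws Exception\AccessNotAllowedException               The ACL denies the role/resource/privilege trio.
 */
public function isAuthorized()
{
    // Current role, resource and privilege as reported by the adapter.
    $role = $this->getAdapter()->getRole();
    $resource = $this->getAdapter()->getResource();
    $privilege = $this->getAdapter()->getPrivilege();

    // Unregistered resource: authorised by default (see NOTE(review) above).
    if (!$this->hasResource($resource)) {
        return true;
    }

    if (!$this->hasRole($role)) {
        throw new Exception\RoleNotDefinedException($role);
    }

    $rules = $this->getAdapter()->getRules();

    // Start from an empty list: without an 'allow' section the original code
    // reached in_array() with an undefined variable (a warning on older PHP, a
    // TypeError on PHP 8) instead of raising the intended exception.
    $resourcesDefinedInRules = array();
    if (isset($rules['allow']) && is_array($rules['allow'])) {
        $resourcesDefinedInRules = array_keys($rules['allow']);
    }
    // The comparison stays loose, as before; it only selects which exception
    // is raised and does not grant access.
    if (!in_array($resource, $resourcesDefinedInRules)) {
        throw new Exception\ResourceHaveNoAllowRuleException($resource);
    }

    $privilegesDefinedInResource = array_keys($rules['allow'][$resource]);
    if (!in_array($privilege, $privilegesDefinedInResource)) {
        throw new Exception\ResourcePrivilegeHaveNoAllowRuleException($resource, $privilege);
    }

    // Final decision for the role/resource/privilege trio.
    if (!parent::isAllowed($role, $resource, $privilege)) {
        throw new Exception\AccessNotAllowedException();
    }

    return true;
}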
示例11: doAuthorization
/**
 * Authorization hook that builds an ACL and is meant to redirect callers who
 * lack the 'view' privilege to the login route.
 *
 * As written it does nothing: the first statement is an unconditional return,
 * so no ACL is built and no request is ever checked or redirected.
 *
 * @param mixed $e Event object; the unreachable code calls getTarget(),
 *                 getRouter() and getResponse() on it.
 * @return void
 */
public function doAuthorization($e)
{
// NOTE(review): this early return disables the whole check. Every statement
// below is unreachable, so any route relying on this hook is unprotected.
return;
//setting ACL...
$acl = new Acl();
//add role ..
// Each role inherits from the previous one: anonymous <- user <- admin.
$acl->addRole(new Role('anonymous'));
$acl->addRole(new Role('user'), 'anonymous');
$acl->addRole(new Role('admin'), 'user');
$acl->addResource(new Resource('Stick'));
$acl->addResource(new Resource('Auth'));
$acl->deny('anonymous', 'Stick', 'list');
$acl->allow('anonymous', 'Auth', 'login');
$acl->allow('anonymous', 'Auth', 'signup');
$acl->allow('user', 'Stick', 'add');
$acl->allow('user', 'Auth', 'logout');
//admin is child of user, can publish, edit, and view too !
$acl->allow('admin', 'Stick');
$controller = $e->getTarget();
$controllerClass = get_class($controller);
// Despite its name, $namespace receives the part of the class name AFTER the
// last backslash, i.e. the short class name of the controller.
// NOTE(review): only 'Stick' and 'Auth' are registered as resources above;
// isAllowed() throws for an unregistered resource, so the short class name
// has to match one of them exactly. Verify before re-enabling.
$namespace = substr($controllerClass, strrpos($controllerClass, '\\') + 1);
// Role comes from the session container; an empty value means 'anonymous'.
$role = !$this->getSessContainer()->role ? 'anonymous' : $this->getSessContainer()->role;
// NOTE(review): leftover debug output. If the early return above were removed,
// these two lines would print the role and end every request.
echo $role;
exit;
if (!$acl->isAllowed($role, $namespace, 'view')) {
$router = $e->getRouter();
$url = $router->assemble(array(), array('name' => 'Login/auth'));
$response = $e->getResponse();
$response->setStatusCode(302);
//redirect to login route...
// NOTE(review): the response is modified but neither returned nor used to stop
// the event, so whether the denied action is still dispatched depends on code
// outside this method; confirm before relying on it.
$response->getHeaders()->addHeaderLine('Location', $url);
}
}
示例12: isAllowed
/**
 * Check the current identity against the ACL, treating lookup errors as a denial.
 *
 * @param string|ResourceInterface $resource
 * @param string $privilege Optional privilege; null is forwarded to the ACL unchanged.
 *
 * @return bool False when the ACL denies access or raises InvalidArgumentException.
 */
public function isAllowed($resource, $privilege = null)
{
    // When a loader callback is held, run it before the ACL is consulted.
    if ($this->loaded) {
        $this->loaded->__invoke();
    }

    try {
        $allowed = $this->acl->isAllowed($this->getIdentity(), $resource, $privilege);
    } catch (InvalidArgumentException $e) {
        // Fail closed. NOTE(review): which InvalidArgumentException this names
        // depends on the file's namespace and use statements; confirm it is the
        // ACL's exception class, otherwise the catch never matches.
        $allowed = false;
    }

    return $allowed;
}
示例13: allows
/**
 * Check a permission for a profile, defaulting to the logged-in user's profile.
 *
 * @param string|null $resource  Resource to check; null is forwarded to the ACL unchanged.
 * @param string|null $privilege Privilege to check; null is forwarded to the ACL unchanged.
 * @param mixed|null  $profile   Profile id used as the ACL role; when null, the
 *                               profile_id_010 of the user on the 'pulsar' guard is used.
 * @return bool False when the ACL denies access or raises Exception\InvalidArgumentException.
 */
public function allows($resource = null, $privilege = null, $profile = null)
{
    // NOTE(review): with no authenticated 'pulsar' user, user() presumably
    // returns null, and the role passed on would then be null. In Zend ACL a
    // null role queries the rule for all roles rather than denying outright;
    // confirm that unauthenticated callers cannot reach this path.
    $role = $profile !== null
        ? $profile
        : auth('pulsar')->user()->profile_id_010;

    try {
        $granted = parent::isAllowed($role, $resource, $privilege);
    } catch (Exception\InvalidArgumentException $e) {
        // An ACL lookup error is treated as a denial.
        $granted = false;
    }

    return $granted;
}
示例14: authorize
/**
 * Check whether the current role may run the matched controller action.
 *
 * The role is the logged-in identity's role, or self::DEFAULT_ROLE when no
 * identity is present. The controller name is used as the ACL resource and
 * the action name as the privilege. On denial the response status is set to 404.
 *
 * NOTE(review): the deny path only changes the status code and returns false.
 * Whether the action is then prevented from running depends on how the caller
 * uses the return value, which is not visible here.
 * NOTE(review): isAllowed() is not wrapped in a try/catch. Zend ACL throws for
 * an unregistered role or resource, so the 'not-found' fallback controller
 * must be a registered resource or the request ends in an uncaught exception.
 *
 * @param MvcEvent $e
 * @return bool Result of the ACL check.
 */
public function authorize(MvcEvent $e)
{
    $services = $e->getApplication()->getServiceManager();
    $identity = $services->get('Zend\\Authentication\\AuthenticationService')->getIdentity();

    if ($identity) {
        $role = $identity->getRole();
    } else {
        $role = self::DEFAULT_ROLE;
    }

    // Resource and privilege come from the matched route.
    $match = $e->getRouteMatch();
    $routeName = $match->getMatchedRouteName(); // read but not used below
    $controller = $match->getParam('controller', 'not-found');
    $action = $match->getParam('action');

    $this->acl = $this->setAcl();
    $isAllowed = $this->acl->isAllowed($role, $controller, $action);

    if ($isAllowed) {
        return $isAllowed;
    }

    $e->getResponse()->setStatusCode(404);

    return $isAllowed;
}
示例15: __construct
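/**
 * Attach a dispatch listener (priority 200) that authenticates and authorises
 * requests to Idatabase controllers, then runs the preDispatch()/init() hooks.
 *
 * Change from the earlier version: once a request has been rejected (no
 * session account, or the ACL denies it) the listener returns immediately.
 * Before, it fell through and still ran preDispatch() and init() for a
 * caller that had just been refused.
 *
 * NOTE(review): the role and the list of allowed resources are both read from
 * $_SESSION['account'], so the check is only as trustworthy as the code that
 * fills that session entry.
 * NOTE(review): an account with an empty role and an account whose role is
 * 'root' both skip the ACL check entirely; confirm that an authenticated
 * account can never have an empty role.
 */
public function __construct()
{
    // Register the initialisation listener.
    $eventManager = $this->getEventManager();
    $serviceLocator = $this->getServiceLocator();
    $eventManager->attach(MvcEvent::EVENT_DISPATCH, function ($event) use($eventManager, $serviceLocator) {
        // Access control
        $namespace = $this->params('__NAMESPACE__');
        $controller = $this->params('controller');
        $action = $this->params('action');
        if ($namespace == 'Idatabase\\Controller' && php_sapi_name() !== 'cli') {
            // Not authenticated: reject and stop here, so nothing below runs
            // on behalf of an anonymous caller.
            if (!isset($_SESSION['account'])) {
                $event->stopPropagation(true);
                $event->setViewModel($this->msg(false, '未通过身份验证'));
                return;
            }
            // Authenticated: check whether the account may reach the requested resource.
            $role = isset($_SESSION['account']['role']) ? $_SESSION['account']['role'] : false;
            $resources = isset($_SESSION['account']['resources']) ? $_SESSION['account']['resources'] : array();
            $action = $this->getMethodFromAction($action);
            $currentResource = $controller . 'Controller\\' . $action;
            if ($role && $role !== 'root') {
                // Per-request ACL: the role is allowed exactly the resources
                // listed in the session.
                $acl = new Acl();
                $acl->addRole(new Role($role));
                foreach ($resources as $resource) {
                    $acl->addResource(new Resource($resource));
                    $acl->allow($role, $resource);
                }
                $isAllowed = false;
                try {
                    if ($acl->isAllowed($role, $currentResource) === true) {
                        $isAllowed = true;
                    }
                } catch (InvalidArgumentException $e) {
                    // The requested resource is not in the allowed list; the ACL
                    // reports that by throwing. $isAllowed stays false (deny).
                }
                if (!$isAllowed) {
                    $event->stopPropagation(true);
                    $event->setViewModel($this->deny());
                    return;
                }
            }
        }
        $this->preDispatch();
        if (method_exists($this, 'init')) {
            try {
                $this->init();
            } catch (\Exception $e) {
                $event->stopPropagation(true);
                // NOTE(review): the raw exception message is handed to the deny
                // view; confirm it cannot expose internal details to the client.
                $event->setViewModel($this->deny($e->getMessage()));
            }
        }
    }, 200);
}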