链接,表单和DOM元素的ACL和外观操作 [英] ACL and appearance manipulation of links, forms and DOM elements
问题描述
我想找出哪种策略最适合用于多模块化应用程序(管理员,默认值等)顶层的链接,表单和DOM元素外观操作(显示/隐藏)?
I would like to find out which strategy is the best for links, forms and DOM elements appearance manipulation (show/hide) on top level of multi modular application (admin, default, etc) ??
应该通过ACL来完成,其用法我很清楚,权限存储在DB中。
如果某人试图访问不允许他访问的某些页面(模块/控制器/操作),则会传递一个信息页面,指出不允许他访问。在那种情况下,所有元素都是可见的。
It should be done through ACL and it's usage I know well, permission are stored in DB. If someone tries to access certain page (module/controller/action) that is not allowed for him, an info page is passed which says that he is not allowed. In that case all elements are visible.
我想到了一些元素外观操纵策略:
I have a few strategies for elements appearance manipulation on my mind:
-
要在控制器中设置
To set in controller
$this->view->allow_delete_link = $acl->isAllowed($role, 'delete_post'); // boolean
并在视图文件中询问是真还是假并显示/隐藏
and to ask in view file if it is true or false and show/hide
<?php if ($this->allow_delete_link): ?>[link html] <?php endif; ?>
这里的缺点是,如果我在页面上有50个链接,我将需要在其中包含50行代码
The drawback here is if i have 50 links on page I will need to have 50 lines of code in my controller where I am doing this and I don't like that very much.
除了ACL是静态类外,它与第一个类似,因此视图文件会询问:
Similar to the first except ACL is static class so view file asks if:
<?php if(My_Custom_Acl::getIsAllowed('some_resource', 'delete_post_action'){ echo 'link'; } ?>
要创建一个视图助手,我将在创建其中的每个链接时调用它我会问登录的用户是否具有访问权限,如果是,则返回整个链接,否则返回或false。
查看帮助程序的速度很慢,所以这是我的最后选择。
To make one view helper which I will call upon creating every link in which I would ask if user that is logged in has access, if yes return the whole link, if not, return "" or false. View helpers are very slow so that's my last resort.
要为每个用户组创建单独的view.phtml文件,然后在记录用户的控制器中显示适当的视图。
$ this-> render('xx_view ');
这违反了DRYS,所以我认为这种方法不好。
To make separate view.phtml file for every group of users, then in controller, in which user is logged, show appropriate view. $this->render('xx_view'); This violates DRYS, so I think this method is not good.
是否有一些其他一些策略像这样的事情,因为如果已经选择了其中的任何4种,我已经看到我会头疼。
也许某些现有的插件/类可能是最好的?
Is there some other strategy for something like this, because I already see that I will have headache if I choose any of these 4. Maybe some existing plugin/class for that would be the best?
预先感谢!
我忘了提到我正在使用Zend框架和Zend_Acl。
I forgot to mention, that I am using Zend framework and Zend_Acl.
推荐答案
3是最佳解决方案,因为您经常需要将数据库行传递给isAllowed调用(例如,如果需要测试帖子的所有者以选择是否可以显示删除链接)。
3 is the best solution, because you often need to pass the database row to the isAllowed call (for example, if you need to test the owner of the post to choose if you can show the delete link).
您不能像在1中建议的那样在控制器中执行此操作,因为每行将需要一行。
You can't do this in the controller like you suggest in 1, because you will need one line for each row.
2很丑。
您可以通过扩展Zend_View来加快视图助手的分辨率: http://framework.zend.com/manual/fr/performance.view.html 。
You can speed up resolution of view helpers by extending Zend_View: http://framework.zend.com/manual/fr/performance.view.html.
这篇关于链接,表单和DOM元素的ACL和外观操作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
