Zend Navigation和RBAC [英] Zend Navigation and RBAC
问题描述
我正在开发基于ZF2的网站.我有一个主导航,无论访客/用户状态如何,它都保持不变.需要添加另一个组件/导航,这将取决于用户的状态和角色.对于访客而言,物品将是
I am developing a ZF2 based site. I have a main navigation which stays same regardless of the visitor/user status. Need to add another component/nav, which will depend on the user's status and role. For a visitor the items will be
- 注册
- 登录
- EN(实际上是一个下拉菜单,带有其他可用语言)
对于已登录的普通用户,它将显示
For a logged-in normal user, it will display
- 个人资料
- 注销
- EN(如上所述的语言选择器)
对于某些具有特定角色/权限的用户,还会有其他项目
And for some users with specific roles/permission there will be additional items
我想使用RBAC,因为ACL似乎过分膨胀,并且还只是要检查当前登录的用户/角色是否还有其他项,所以我需要加载完整的ACL(我们有大约15种以上不同类型的角色)
I want to use RBAC, as ACL seems bloated, and also just to check if the current logged in user/role has additional items, I need to load the complete ACL (and we got around 15+ different types of roles).
我花了一些时间思考如何实现这一目标,因此以下是我的一些想法.
I spent some time thinking how I have achieve this, so following are some ideas I have.
- 我创建一个空的导航容器,并创建一个工厂.在工厂中,我访问Authentication和RBAC并根据用户的状态/角色添加页面.
- 我用所有可能的页面创建一个完全加载的导航,然后在工厂中,借助Authentication和RBAC,我隐藏了不想显示的页面.
-
rd选项是使用视图助手,该助手将通过ServiceLayer获取RBAC并生成导航. (如 ZF2如何在布局中显示推文和 ZF2:在模板中添加一个登录小部件.
- 或者我可以在module.php中创建一个控制器插件或只是一个方法,并监听MVC_Render或MVC_Dispatch事件并生成所需的导航并将输出添加到视图变量中.
- I create an empty navigation container, and create a factory. In the factory, I access the Authentication and RBAC and add the pages depending on the the user's status/role.
- I create a fully loaded navigation with all the possible pages, then in the factory, with the help of Authentication and RBAC I hide the pages I don't want to show.
rd option is to use a view helper which will get RBAC via ServiceLayer and generate the navigation. (As discussed in ZF2 how to display tweets in layout and ZF2 : Add a Login widget in the template.
- Or I can create a controller-plugin or just a method in module.php, and listen to the MVC_Render or MVC_Dispatch event and generate the desired navigation and add the output to a view variable.
PS:我需要使用局部语言,因为我需要在语言选择部分添加一些CSS类.导航也将显示在布局中.
PS: I need to use a partial as I need to add some CSS class to the language selection section. Also the navigation will be displayed in the layout.
推荐答案
我正在使用 ZfcRbac 并且我正在按照以下步骤进行操作,您可以根据用户角色和导航项权限显示导航,如下所示:
I am using ZfcRbac and I am doing it as the following, you can display the navigation based on user roles and the navigation items permission as the following:
首先向您的导航项添加一个权限,如下所示:
First add a permission to your navigation item as the following:
'permission' => 'edit-profile',
然后在onBootstrap
中附加一个侦听器,如下所示:
Then attach a listener in the onBootstrap
as the following:
public function onBootstrap(MvcEvent $e)
{
$eventManager = $e->getApplication()->getEventManager();
$eventManager->getSharedManager()->attach(
'Zend\View\Helper\Navigation\AbstractHelper',
'isAllowed',
array('\Application\Listener\RbacListener', 'accept')
);
$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);
}
然后创建一个类Application\Listener\RbacListener
,如下所示:
Then create a class Application\Listener\RbacListener
as the following:
public function accept(Event $event) {
$event->stopPropagation();
$accepted = true;
$serviceLocator = $event->getTarget()->getServiceLocator()->getServiceLocator();
$rbac = $serviceLocator->get('ZfcRbac\Service\Rbac');
$params = $event->getParams();
$page = $params['page'];
$permission = $page->getPermission();
if ($permission) {
$accepted = $rbac->isGranted($permission);
}
return $accepted;
}
,由此,当您显示菜单时,将根据权限和角色对其进行过滤,例如,如果执行echo $this->navigation('navigation')->menu()
,则将仅显示用户具有权限的菜单项.
and by this when you display the menu it will be filtered based on the permission and roles, for example if you do echo $this->navigation('navigation')->menu()
then only the menu items that the user has permission on will be displayed.
这篇关于Zend Navigation和RBAC的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!