创建用户角色 [英] Creating user roles

问题描述

我正在symfony1.4中进行新项目.现在，此项目要求用户登录和浏览，并且由于该类型的任何项目都需要一种基于角色限制用户的方法. 我不想以明显的方式实现此目的，即为每个用户都具有角色属性，并具有预定义的角色并将其分配给用户.问题在于，随着以后定义更多的角色，它不是很灵活.

I am doing new project in symfony1.4. Now this project requires users to log-in and browse, and as any project of this type requires a way of restricting users based on roles. I don't want to implement this in obvious way, i.e to have roles attribute for each user and have pre-defined roles and assign these to users. The problem with this is it's not very flexible as more roles get defined later.

我当时正在考虑使用EAV模型，(不确定我可以在symfony中做到这一点).大家认为，您有什么更好的建议来使用户角色在添加或删除时更加灵活.

I was thinking on the lines of using an EAV model here, (not sure I can do that in symfony). What you guys think, do you have any better suggestions to make user roles much more flexible when they get added or deleted.

此外，基于用户角色显示页面的最佳方法是什么，因为我希望根据角色隐藏某些元素.我应该比较每个页面中的角色并隐藏每个页面中的元素吗?有更好的解决方案吗?

Also, what is the best way to display the page based on user roles, as I want some elements to be hidden according to the roles. Should I compare the role in each page and hide elements on every page? Is there a better solution?

请阐明这些.

谢谢

推荐答案

sfDoctrineGuard插件(http://www.symfony-project.org/plugins/sfDoctrineGuardPlugin)是一种处理用户身份验证，组和凭据的非常全面的方法.可以将用户单独或成组设置为权限，并且可以基于这些权限来限制对特定页面部分或整个操作的访问.您可以在控制器代码本身中设置新的用户凭据，例如

The sfDoctrineGuard plugin (http://www.symfony-project.org/plugins/sfDoctrineGuardPlugin) is a pretty comprehensive way of handling user authentication, groups and credentials. Users can be set permissions either individually or as a group, and access to specific page sections or entire actions can be restricted based on those permissions. You can set new user credentials in the controller code itself, e.g.

<?php
$this->getUser()->setCredential('editor');
?>

并验证用户在视图中是否具有特定权限:

And verify that a user has particular permissions in views:

<?php
if ($sf_user->hasCredential('editor')) {
  // stuff only for editors
}
?>

此页面上有许多关于自述文件未涵盖的插件的其他信息- http://trac.symfony-project.org/wiki/sfGuardPluginExtraDocumentation (尽管它是指Propel而不是教义).另外，以下系列简短教程非常有用:

This page has lots of extra info on the plugin not covered by the readme file - http://trac.symfony-project.org/wiki/sfGuardPluginExtraDocumentation (although it refers to Propel rather than Doctrine). Also the following series of short tutorials is pretty useful:

http://www.finalconcept.com. au/article/view/symfony-user-management-sfdoctrineguard-installation

http://www.finalconcept.com. au/article/view/symfony-user-management-sfdoctrineguard-administration

http://www.finalconcept. com.au/article/view/symfony-user-management-sfdoctrineguard-securing-actions

以及用户的Symfony教程页面:

And the Symfony tutorial page on users:

http://www.symfony-project.org/jobeet/1_4/Doctrine/zh/13

这篇关于创建用户角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！