查看ZF2 ACL检查链接 [英] ZF2 ACL check link in view

问题描述

我已经在引导程序中设置了我的角色、资源和权限，并在我的布局中设置了基于此的导航菜单，这很有效.

I have set up my roles, resources and permissions in my bootstrap, and in my layout have set up a navigation menu based on this, and this works.

我现在要做的是创建一个带有编辑/删除链接的管理面板，如果当前登录的用户具有这些权限.例如我可能有多个角色可以查看一个cms页面列表，但是只有某些角色可以编辑一个cms页面，只有某些角色可以删除一个cms页面.

What I am attempting to do now is create an admin panel with edit / delete links IF the current logged in user has those permissions. e.g. I may have multiple roles that can view a list of cms pages, but only certain roles can edit a cms page, and only certain roles can delete a cms page.

目前我只是检查用户是否登录:

At the moment I am just checking if the user is logged in:

<?php if($user = $this->identity()): ?>
    <?php if($user['role'] == 'admin'):?>
        <a href="/delete-url">Delete</a>
    <?php endif;?>
<?php endif;?>

如何从任意链接的视图中查看当前用户角色对指定资源的权限(如上)?

How do I check the permissions of the current user role for the specified resource from the view for an arbitrary link (as above)?

推荐答案

ACL 视图助手被注入到布局中，因此要检查角色是否可以访问资源，我们可以调用 $this->layout()->acl->isAllowed.

The ACL view helper is injected into the layout, so to check if a role has access to a resource, we can call $this->layout()->acl->isAllowed.

在此代码片段中，我们检查用户是否已登录($this->identity() 如果未登录，则返回 false，或详细信息(如果已登录)，则如果用户对资源具有删除"权限:

In this code snippet, we check if the user is logged in ($this->identity() returns false if not logged in, or an array of details if logged in), then if the user has 'delete' permission to the resource:

<?php if($user = $this->identity()); //is logged in? ?>
    <?php if($this->layout()->acl->isAllowed($user['role'], $resource, 'delete')):?>
        <a href="/delete-url">Delete</a>
    <?php endif;?>
<?php endif;?>

isAllowed 签名为 isAllowed($role = null, $resource = null, $privilege = null)

这篇关于查看ZF2 ACL检查链接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！