Zend_Acl
说明:访问控制列表(ACL)是应用在路由器接口的指令列表。该指令列表用来告诉路由器哪些数据包可以接收、哪些数据包需要拒绝。至于数据包是被接收还是拒绝,可以由类似于源地址、目的地址、端口号等的特定指示条件来决定。使用Zend Framework中的Zend_Acl组件即可实现完整的访问控制。
Zend_Acl组件中定义了两个重要的概念,即资源与角色。资源(Resource)是指一个被限制访问的对象;角色(Role)则是指可以发出请求来访问资源的对象。Zend_Acl组件中分别以Zend_Acl_Role类与Zend_Acl_Resource类来表示资源与角色。要创建角色与资源只需要为这些类实例化对象即可。
要将指定的角色注册到访问控制列表中,可以使用访问控制列表实例的addRole()方法;要将资源注册到访问控制列表中,可以使用访问控制列表实例的add()方法;要指定某个角色访问访问资源,可以使用访问控制列表实例的allow()方法
代码实例如下:
<?php
class Model_Acl extends Zend_Acl
{
public function __construct()
{
/*
* Need to implement these fatures . Just to show what are the things I am going to add
*/
/*
* Add a new role called "guest"
* Guest can view contents of the site
*/
$this->addRole(new Zend_Acl_Role('guest'));
/*
* Add a role called user, which inherits from guest
* Users can post comments in site
*/
$this->addRole(new Zend_Acl_Role('user'), 'guest');
/*
* Add a role called blogger, which inherits from user
* Bloggers can post contents
*/
$this->addRole(new Zend_Acl_Role('blogger'), 'user');
/*
* Add a role for admin which inherits blogger
* With every privilages
*/
$this->addRole(new Zend_Acl_Role('admin'), 'blogger');
//Add a resource called posts
$this->add(new Zend_Acl_Resource('posts'));
//Add a resource called posts
$this->add(new Zend_Acl_Resource('comments'));
//Finally, we want to allow guests to view pages
$this->allow('guest', 'posts', 'view');
//User can add comments
$this->allow('user', 'comments', 'add');
// Bloggers can add, edit posts
$this->allow('blogger', 'posts', 'edit');
$this->allow('blogger', 'posts', 'add');
}}
浙公网安备 33010602011771号