phalcon: acl权限控制

目录控制：

 

public/index.php:

$di['aclResource']=function(){
        return include_once '../app/config/frontbackAcl.php';
    };
    $di['dispatcher'] = function(){
        $eventManager = new \Phalcon\Events\Manager();
        $securyDeep = new SecurityDeep();
        $eventManager->attach("dispatch", $securyDeep);
        $dispatch = new \Phalcon\Mvc\Dispatcher();
        $dispatch->setEventsManager($eventManager);
        return $dispatch;
    };

　　

app/config/frontbackAcl.php:

return new \Phalcon\Config(array(

        'Manager'=> array(
            'rote'=>new \Phalcon\Acl\Role("Manager"),
            'resource'=>array(
                'Index'=> array("index", 'last', 'login', 'signup'),
                'Register'=> array('index', 'doing'),
                'Delete'=>array('index', 'delete')
            )
        ),
        'Operator'=>array(
            'rote'=>new \Phalcon\Acl\Role("Operator"),
            'resource'=>array(
                'Index'=> array("index", 'last', 'login','signup'),
                'Register'=> array('index', 'doing'),
            )
        )

));

　　

securityDeep.php:

use \Phalcon\Mvc\User\Plugin,
    \Phalcon\Events\Event,
    \Phalcon\Mvc\Dispatcher;
class SecurityDeep extends Plugin {

    public function __construct() { }

    public function _getAcl()
    {
        $acl = new \Phalcon\Acl\Adapter\Memory();
        //默认权限
        $acl->setDefaultAction(\Phalcon\Acl::DENY);
        //创建
        $allResource = $this->_callAcl();
        foreach($allResource as $key=>$value)
        {
            //创建角色,并将角色添加到acl
            $acl->addRole($value['rote']);
            //var_dump($value['rote']);
            foreach($value['resource'] as $k=>$v)
            {
                //echo $k.'<br>';
                foreach($v as $ky=>$vy)
                {
                    //添加资源
                    $acl->addResource(new \Phalcon\Acl\Resource(strtolower($k)), $vy);
                    //添加访问权限
                    $acl->allow($key, strtolower($k), $vy);
                   // echo '|--'.$k.':'.$vy.'<br>';
                }
            }
        }
        return $acl;
    }
    public function _callAcl()
    {
        if($this->persistent->acl == null) {
            $this->persistent->acl =  $this->aclResource;
        }
        return $this->persistent->acl;
    }

    public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
    {
        $controller = $dispatcher->getControllerName();
        $action = $dispatcher->getActionName();
        $role = '';
        if( $this->session->has('userInfo'))
        {
            $managerInfo = $this->session->get('userInfo');
            $role = $managerInfo['role'];
        }
        if(empty($role)) $role = 'Operator';
        $acl = $this->_getAcl();
        $isAllowed = $acl->isAllowed($role, strtolower($controller), strtolower($action));
        if(!$isAllowed)
        {
            //echo "no access";exit;

$dispatcher->forward(array(

'controller'=>'index',

'action'=>'error',

'params'=>array('msg'=>'no access')

));

} } }

　　

 

那么，在indexController.php页面中，可以通过如下方法，获取params传过来的值:

public function errorAction()
    {
        //获取传过来的参数
        $param = $this->dispatcher->getParams();
        $msg = isset($param['msg'])? $param['msg'] : '' ;


        $this->view->web_title = '错误';
        $this->view->pick('index/error');
    }