通过以下链接搜索:
gtrias / acl-manager-bundle
Symfony2 的 ACL 管理器
v1.3.1
2014-12-18 16:02 UTC
Requires
- php: >=5.4
- symfony/framework-bundle: 2.*
- symfony/security-bundle: 2.*
Requires (Dev)
- doctrine/orm: ~2.4
Suggests
- doctrine/couchdb-odm-bundle: *
- symfony/doctrine-bundle: *
- symfony/mongodb-odm-bundle: *
This package is not auto-updated.
Last update: 2024-09-14 15:58:03 UTC
README
将此包添加到您的 composer.json 文件中
{
"require": {
"gtrias/acl-manager-bundle": "dev-master"
}
}
在 app/AppKernel.php 中注册该包
<?php // app/AppKernel.php public function registerBundles() { return array( // ... new Problematic\AclManagerBundle\ProblematicAclManagerBundle(), ); }
如果您还没有配置 ACL,请在 app/config/security.yml 中启用它
# app/config/security.yml security: acl: connection: default
最后运行 ACL 初始化命令
php app/console init:acl
使用方法
<?php $comment = new Comment(); // create some entity // ... do work on entity $em->persist($comment); $em->flush(); // entity must be persisted and flushed before AclManager can act on it (needs identifier) $aclManager = $this->get('problematic.acl_manager'); // Adds a permission no matter what other permissions existed before $aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity); // Or: $aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER); // Replaces all current permissions with this new one $aclManager->setObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity); $aclManager->revokePermission($comment, MaskBUILDER::MASK_DELETE, $userEntity); $aclManager->revokeAllObjectPermissions($comment, $userEntity); // Same with class permissions: $aclManager->addClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity); //Or: $aclManager->addClassPermission(Comment::CLASS, MaskBuilder::MASK_OWNER, $userEntity); //Or: $aclManager->addClassPermission('Acme\\Bundle\\Entity\\Comment', MaskBuilder::MASK_OWNER, $userEntity); $aclManager->setClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity); $aclManager->revokePermission($comment, MaskBUILDER::MASK_DELETE, $userEntity, 'class'); $aclManager->revokeAllClassPermissions($comment, $userEntity); // You can alse use object-field... $aclManager->addObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity); $aclManager->setObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity); $aclManager->revokeFieldPermission($comment,, 'title' MaskBUILDER::MASK_DELETE, $userEntity); $aclManager->revokeAllObjectFieldPermissions($comment, 'title', $userEntity); // ...and class-field scope permissions : $aclManager->addClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity); $aclManager->setClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity); $aclManager->revokeFieldPermission($comment,, 'title' MaskBUILDER::MASK_DELETE, $userEntity, 'class'); $aclManager->revokeAllClassFieldPermissions($comment, 'title', $userEntity); $aclManager->deleteAclFor($comment); $em->remove($comment); $em->flush();
如果没有提供 $userEntity,将使用当前会话用户。
如果您将在许多实体上执行操作,请使用 AclManager#preloadAcls()
<?php $products = $repo->findAll(); $aclManager = $this->get('problematic.acl_manager'); $aclManager->preloadAcls($products); // ... carry on
ACL ORM 过滤器
如果您正在使用 Doctrine ORM,您可以使用我们的过滤器直接检索授权行。
//Repository class $qb = $this->getEntityManager()->createQueryBuilder(); $qb ->select('client_alias', 'client_user_alias') ->from($this->getEntityName(), 'client_alias') ->leftJoin('client_alias.user', 'client_user_alias') ; $query = $this->aclFilter->apply($qb, ['VIEW', 'EDIT'], $currentUser, 'client_alias'); return $query->getResult(); //Will return only rows where $currentUser is granted VIEW,EDIT on Client (retrieved form table alias client_alias)