gtrias/acl-manager-bundle

Symfony2 的 ACL 管理器

安装: 349

依赖: 2

建议者: 0

安全: 0

星星: 2

关注者: 3

分支: 33

开放问题: 0

类型:symfony-bundle

v1.3.1 2014-12-18 16:02 UTC

README

将此包添加到您的 composer.json 文件中

{
    "require": {
        "gtrias/acl-manager-bundle": "dev-master"
    }
}

app/AppKernel.php 中注册该包

<?php

// app/AppKernel.php
public function registerBundles()
{
    return array(
        // ...
        new Problematic\AclManagerBundle\ProblematicAclManagerBundle(),
    );
}

如果您还没有配置 ACL,请在 app/config/security.yml 中启用它

# app/config/security.yml
security:
    acl:
        connection: default

最后运行 ACL 初始化命令

php app/console init:acl

使用方法

<?php

$comment = new Comment(); // create some entity
// ... do work on entity

$em->persist($comment);
$em->flush(); // entity must be persisted and flushed before AclManager can act on it (needs identifier)
$aclManager = $this->get('problematic.acl_manager');

// Adds a permission no matter what other permissions existed before
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
// Or:
$aclManager->addObjectPermission($comment, MaskBuilder::MASK_OWNER);
// Replaces all current permissions with this new one
$aclManager->setObjectPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokePermission($comment, MaskBUILDER::MASK_DELETE, $userEntity);
$aclManager->revokeAllObjectPermissions($comment, $userEntity);

// Same with class permissions:
$aclManager->addClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
//Or:
$aclManager->addClassPermission(Comment::CLASS, MaskBuilder::MASK_OWNER, $userEntity);
//Or:
$aclManager->addClassPermission('Acme\\Bundle\\Entity\\Comment', MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->setClassPermission($comment, MaskBuilder::MASK_OWNER, $userEntity);
$aclManager->revokePermission($comment, MaskBUILDER::MASK_DELETE, $userEntity, 'class');
$aclManager->revokeAllClassPermissions($comment, $userEntity);

// You can alse use object-field...
$aclManager->addObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->setObjectFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->revokeFieldPermission($comment,, 'title' MaskBUILDER::MASK_DELETE, $userEntity);
$aclManager->revokeAllObjectFieldPermissions($comment, 'title', $userEntity);
// ...and class-field scope permissions :
$aclManager->addClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->setClassFieldPermission($comment, 'title', MaskBuilder:MASK_EDIT, $userEntity);
$aclManager->revokeFieldPermission($comment,, 'title' MaskBUILDER::MASK_DELETE, $userEntity, 'class');
$aclManager->revokeAllClassFieldPermissions($comment, 'title', $userEntity);

$aclManager->deleteAclFor($comment);
$em->remove($comment);
$em->flush();

如果没有提供 $userEntity,将使用当前会话用户。

如果您将在许多实体上执行操作,请使用 AclManager#preloadAcls()

<?php

$products = $repo->findAll();

$aclManager = $this->get('problematic.acl_manager');
$aclManager->preloadAcls($products);

// ... carry on

ACL ORM 过滤器

如果您正在使用 Doctrine ORM,您可以使用我们的过滤器直接检索授权行。

//Repository class

        $qb = $this->getEntityManager()->createQueryBuilder();
        $qb
            ->select('client_alias', 'client_user_alias')
            ->from($this->getEntityName(), 'client_alias')
            ->leftJoin('client_alias.user', 'client_user_alias')
        ;

        $query = $this->aclFilter->apply($qb, ['VIEW', 'EDIT'], $currentUser, 'client_alias');
		return $query->getResult();
        //Will return only rows where $currentUser is granted VIEW,EDIT on Client (retrieved form table alias client_alias)