CodeIgniter与Zend Acl结合实现轻量级权限控制
CodeIgniter与Zend Acl结合实现轻量级权限控制 Tag :CodeIgniter Zend Acl 权限控制 1、 Zend_Acl简介 Zend_Acl 为权限管理提供轻量并灵活的访问控制列表 (ACL,access control list) 的实现。通常地,应用软件能够利用这样的功能限制某些特定对象来访问特定保护的对象。 resource (资源)是一个限制访问的对象。 在 Zend_Acl 中,建立一个 resource 很是简单。Zend_Acl 提供了 resource 接口Zend_Acl_Resource_Interface 使开发者在程序中建立 resources 很是容易。 role (角色)是一个能够发出请求去访问Resource的对象。像 Resources 同样,建立一个 role 也很是简单。 Zend_Acl 提供了 Zend_Acl_Role_Interface 使开发者建立 roles 很是容易。 经过规范和访问控制列表(ACL)的使用,应用软件能够控制角色(roles)如何来访问资源(resources)。 2、 CodeIgniter设置 解压ZendAcl目录,放置在system/libraries/中以下图所示: 其中包含Acl.php和Excetion.php两个必须文件,以及Acl权限控制文件。固然,修改文件包含为绝对路径。例如:Acl.php中的包含文件修改成: require_once BASEPATH.'/libraries/zend/Acl/Resource/Interface.php'; require_once BASEPATH.'/libraries/zend/Acl/role.php'; require_once BASEPATH.'/libraries/zend/Acl/Resource.php'; 下面咱们在application/libraries/中写下咱们本身的library—Acl.php <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /* * library Acl * @auth Liuguoqing * date 20091225 * Using the Zend Framework ACL Library in Codeigniter * Acl.php * $roles :角色 * $resources: 资源 * $permissions: 权限 */ require_once BASEPATH .'libraries/zend/Acl.php'; class CI_Acl extends Zend_Acl { /* * 初始化Acl */ function __construct() { $CI = &get_instance(); $this->acl = new Zend_Acl(); //获取角色 $CI->db->order_by('ParentId', 'ASC'); $query = $CI->db->get('cw_roles'); $roles = $query->result(); //获取资源 $CI->db->order_by('parentId', 'ASC'); $query = $CI->db->get('cw_resources'); $resources = $query->result(); //获取权限 $query = $CI->db->get('cw_permissions'); $permissions = $query->result(); //Add the roles to the ACL foreach ($roles as $roles) { $role = new Zend_Acl_Role($roles->id); $roles->parentId != null ? $this->acl->addRole($role,$roles->parentId): $this->acl->addRole($role); } //Add the resources to the ACL foreach($resources as $resources) { $resource = new Zend_Acl_Resource($resources->id); $resources->parentId != null ? $this->acl->add($resource, $resources->parentId): $this->acl->add($resource); } //Add the permissions to the ACL foreach($permissions as $perms) { $perms->read == '1' ? $this->acl->allow($perms->role, $perms->resource, 'read') : $this->acl->deny($perms->role, $perms->resource, 'read'); $perms->write == '1' ? $this->acl->allow($perms->role, $perms->resource, 'write') : $this->acl->deny($perms->role, $perms->resource, 'write'); $perms->modify == '1' ? $this->acl->allow($perms->role, $perms->resource, 'modify') : $this->acl->deny($perms->role, $perms->resource, 'modify'); $perms->publish == '1' ? $this->acl->allow($perms->role, $perms->resource, 'publish') : $this->acl->deny($perms->role, $perms->resource, 'publish'); $perms->delete == '1' ? $this->acl->allow($perms->role, $perms->resource, 'delete') : $this->acl->deny($perms->role, $perms->resource, 'delete'); } //Change this to whatever id your adminstrators group is //管理员默认拥有全部权限 $this->acl->allow('1'); } /* * Methods to query the ACL. */ function can_read($role, $resource) { return $this->acl->isAllowed($role, $resource, 'read')? TRUE : FALSE; } function can_write($role, $resource) { return $this->acl->isAllowed($role, $resource, 'write')? TRUE : FALSE; } function can_modify($role, $resource) { return $this->acl->isAllowed($role, $resource, 'modify')? TRUE : FALSE; } function can_delete($role, $resource) { return $this->acl->isAllowed($role, $resource, 'delete')? TRUE : FALSE; } function can_publish($role, $resource) { return $this->acl->isAllowed($role, $resource, 'publish')? TRUE : FALSE; } } 至此,咱们就能够在controller中加载本身的类库实现权限控制了。可是咱们发现仍是不很方便,为此咱们能够再添加一个zendacl_helper: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); /** * ZendAcl Helper * * Contains shortcuts to well used Userlib functions * Using the Zend Framework ACL Library in Codeigniter * @package CentWare * @subpackage Helpers * @author Liu Guoqing * @copyright Copyright (c) 2010 * @license * @link * @filesource */ // --------------------------------------------------------------------------- /* * * check_acl * check_acl 权限控制设置 * $resource 资源 * $action 动做 * @author Liuguoqing */ if( ! function_exists('check_acl')) { function check_acl($resource,$action=NULL) { $CI = & get_instance(); $role=$CI->session->userdata('Roelid'); if($action=='read'){ return $CI->acl->can_read($role, $resource); } if($action=='add'){ return $CI->acl->can_write($role, $resource); } if($action=='modify'){ return $CI->acl->can_modify($role, $resource); } if($action=='delete'){ return $CI->acl->can_delete($role, $resource); } if($action=='publish'){ return $CI->acl->can_publish($role, $resource); } return FALSE; } } /* End of file zendacl_helper.php */ /* Location: ./helpers/zendacl_helper.php */
3、 服数据库结构表: SQl:-- -- 表的结构 `ci_sessions` -- CREATE TABLE IF NOT EXISTS `ci_sessions` ( `session_id` varchar(40) character set latin1 NOT NULL default '0', `ip_address` varchar(16) character set latin1 NOT NULL default '0', `user_agent` varchar(50) character set latin1 NOT NULL, `user_data` text NOT NULL, `last_activity` int(10) unsigned NOT NULL default '0', PRIMARY KEY (`session_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; -- -- 表的结构 `cw_permissions` -- CREATE TABLE IF NOT EXISTS `cw_permissions` ( `id` int(11) NOT NULL auto_increment, `role` int(11) default NULL COMMENT '角色', `resource` int(11) default NULL COMMENT '资源', `read` tinyint(1) default '0', `write` tinyint(1) default '0', `modify` tinyint(1) default '0', `delete` tinyint(1) default '0', `publish` tinyint(1) default '0', `description` varchar(255) collate utf8_bin default NULL COMMENT '描述', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; -- -- 表的结构 `cw_resources` -- CREATE TABLE IF NOT EXISTS `cw_resources` ( `id` int(11) NOT NULL auto_increment, `name` varchar(255) collate utf8_bin default NULL COMMENT '名称', `description` varchar(255) collate utf8_bin default NULL COMMENT '描述', `parentId` int(11) default NULL COMMENT '父类ID', PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; -- -- 表的结构 `cw_roles` -- CREATE TABLE IF NOT EXISTS `cw_roles` ( `id` int(11) NOT NULL auto_increment, `name` varchar(255) collate utf8_bin NOT NULL, `description` varchar(255) collate utf8_bin default NULL, `date` datetime NOT NULL COMMENT '日期', `parentId` int(11) default NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ; -- -- 表的结构 `cw_users` -- CREATE TABLE IF NOT EXISTS `cw_users` ( `id` int(10) unsigned NOT NULL auto_increment, `username` varchar(32) NOT NULL, `password` varchar(40) NOT NULL, `email` varchar(254) NOT NULL, `active` tinyint(1) unsigned NOT NULL default '0', `roles` int(10) unsigned default NULL, `activation_key` varchar(32) default NULL, `last_visit` timestamp NULL default CURRENT_TIMESTAMP, `created` datetime NOT NULL, `modified` datetime default NULL, PRIMARY KEY (`id`), UNIQUE KEY `username` (`username`), UNIQUE KEY `email` (`email`), KEY `password` (`password`), KEY `group` (`roles`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
FROM: http://blog.csdn.net/djboy850317/article/details/5105501php
相关文章
- 1. zookeeper的ACL权限控制
- 2. hdfs的acl权限控制
- 3. zookeeper ACL 权限控制
- 4. linux ACL权限控制
- 5. ZooKeeper ACL权限控制
- 6. kafka权限控制-Acl
- 7. zookeeper 四 : ACL 权限控制
- 8. phalcon: acl权限控制
- 9. spring ACL 权限控制
- 10. Codeigniter-实现权限认证
- 更多相关文章...
- • Hibernate整合EHCache实现二级缓存 - Hibernate教程
- • MyBatis与Spring的整合实例 - MyBatis教程
- • Docker容器实战(六) - 容器的隔离与限制
- • Spring Cloud 微服务实战(三) - 服务注册与发现
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
欢迎关注本站公众号,获取更多信息
相关文章