PHP 클래스 Acl_Core, ACL
This is a Kohana port of the Zend_ACL library, with a few changes.
Things that are different from Zend_ACL:
1) Your ACL definition is saved using the string identifiers of the roles/resources,
NOT the objects. This way, if you serialize the ACL, you won't end up with a
unneccesary large serialization string. You don't have to supply objects when
adding roles/resources. EG a $acl->add_role('user') is fine.
2) If you have defined assertions in your rules, the assert methods will have access
to the arguments you provided in the ->allow($role,$resource,$privilege) call.
So, if you provide a User_Model as $role, the assert method will receive this object,
and not the role_id of this object. This way, assertions become way more powerful.
3) Not all methods are implemented, because they weren't needed by me at the time.
However, the essential methods (the core of ACL) are implemented, so the missing methods
can be implemented easily when needed.
4) The methods are underscored instead of camelCased, so add_role, add_resource and is_allowed.
Ported to Kohana & modified by Wouter - see Kohana Forum.
Based on Zend_Acl:
파일 보기
프로젝트 열기: wouterrr/acl
1 사용 예제들
보호된 프로퍼티들
공개 메소드들
메소드 |
설명 |
|
__sleep ( ) |
|
|
add_resource ( $resource, $parents = NULL ) : ACL_Core |
Add a new resource. |
|
add_role ( $role, $parents = NULL ) : ACL_Core |
Add a new role. |
|
allow ( $roles = NULL, $resources = NULL, $privileges = NULL, Acl_Assert_Interface $assertion = NULL ) : ACL_Core |
Add "allow" access to a role. |
|
deny ( $roles = NULL, $resources = NULL, $privileges = NULL, Acl_Assert_Interface $assertion = NULL ) : ACL_Core |
Add "deny" access to a role. |
|
is_allowed ( $role = NULL, $resource = NULL, $privilege = NULL ) : boolean |
Check if a role is is allowed to a privilege on a resource. |
|
roles ( $name ) : array |
Get an array of role and all its parents. |
|
보호된 메소드들
메소드 |
설명 |
|
match ( $role, $resource, $privilege ) : boolean |
Check if a role is is allowed to a privilege on a resource. |
|
resources ( $name ) : array |
Get an array of resource and all its parents. |
|
비공개 메소드들
메소드 |
설명 |
|
add_rule ( $allow, $roles, $resources, $privileges, $assertion ) : ACL_Core |
Add a permission for a role, setting the resources, privileges, and
access type (allow, deny). |
|
메소드 상세
Add a "users" resource
$acl->resource('users');
Add a "news" resource
$acl->resource('news');
Add a "latest" resource with inherits from "news"
$acl->resource('latest', 'news');
public add_resource ( $resource, $parents = NULL ) : ACL_Core |
리턴 |
ACL_Core |
|
Add a "guest" role
$acl->role('guest');
Add a "member" role that inherits from "guest"
$acl->role('member', 'guest');
Add a "owner" role that inherits from "guest" and "member"
$acl->role('owner', array('guest','member'));
public add_role ( $role, $parents = NULL ) : ACL_Core |
리턴 |
ACL_Core |
|
Allow "guest" to "view" the news
$acl->allow('guest', 'news', 'view');
Allow "member" to "comment" on "news"
$acl->allow('member', 'news', 'comment');
Allow "admin" to do anything
$acl->allow('admin');
public allow ( $roles = NULL, $resources = NULL, $privileges = NULL, Acl_Assert_Interface $assertion = NULL ) : ACL_Core |
$assertion |
Acl_Assert_Interface |
|
리턴 |
ACL_Core |
|
Deny "member" to "edit" on "news"
$acl->deny('member', 'news', 'edit');
[!!] By default, everything in an access control list is denied. It is
not necessary to explicitly deny privileges except when an inherited role
is allowed access.
public deny ( $roles = NULL, $resources = NULL, $privileges = NULL, Acl_Assert_Interface $assertion = NULL ) : ACL_Core |
$assertion |
Acl_Assert_Interface |
|
리턴 |
ACL_Core |
|
Recursively checks all inherited roles and resources.
Is "guest" allowed to "commment" the "news"?
$acl->is_allowed('guest', 'news', 'comment');
Is "member" allowed to "commment" the "news"?
$acl->allowed('member', 'news', 'commment');
Recursively checks all inherited roles and resources.
Get all resources for the 'news' resource
$roles = $acl->resources('news');
Get all roles for the 'member' role
$roles = $acl->roles('member');
프로퍼티 상세
$_permissions 보호되어 있는 프로퍼티
Current role/resource/privilege being matched