How to exclude a controller action from authentication


问题:

I'm trying to find a way to exclude one specific controller action from authentication so that it is publicly reachable.

I need this to be done for API integration purposes.

Is there a place I should look at, or a function I could change or add, to do this?

Below is what I have in Bootstrap.php

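class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
{
    /**
     * Register the module autoloader rooted at APPLICATION_PATH and start the
     * MVC layout named "layout" from the views/layouts directory.
     *
     * @return Zend_Application_Module_Autoloader the autoloader that was registered
     */
    protected function _initAutoload()
    {
        $moduleLoader = new Zend_Application_Module_Autoloader(array(
            'namespace' => '',
            'basePath'  => APPLICATION_PATH,
        ));

        // Called for its side effect only; the original stored the return
        // value in a local that was never read.
        Zend_Layout::startMvc(array(
            'layout'     => 'layout',
            'layoutPath' => APPLICATION_PATH . '/views/layouts/',
        ));

        return $moduleLoader;
    }
}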

回答1:

This is how I do my ACL controller plugin: it has roles and resources, where each resource is a `{{module}}_{{controller}}` key mapped to an array of allowed actions.

<?php
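class My_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
    /**
     * Build the ACL used for every request.
     *
     * Three roles inherit from each other (guest < member < admin). Each role
     * is then allowed a set of actions on "{module}_{controller}" resources;
     * an action that should be public simply goes into the 'guest' list.
     * The ACL is rebuilt on each dispatch.
     *
     * @return Zend_Acl
     */
    protected function _buildAcl()
    {
        $acl = new Zend_Acl();

        // member inherits guest's privileges, admin inherits member's
        $acl->addRole(new Zend_Acl_Role('guest'));
        $acl->addRole(new Zend_Acl_Role('member'), 'guest');
        $acl->addRole(new Zend_Acl_Role('admin'), 'member');

        // role => array( '{module}_{controller}' => array(action, ...) )
        $roleResources = array(
            'guest' => array(
                'default_index'    => array('index', 'about-us', 'testimonials', 'interns', 'staff', 'contact-us'),
                'default_error'    => array('error', 'denied'),
                'default_account'  => array('index', 'login', 'register', 'logout', 'forgot-password'),
                'store_index'      => array('index'),
                'store_category'   => array('index', 'list', 'view'),
                'store_search'     => array('index', 'results'),
                'store_product'    => array('index', 'view', 'ajax-variant'),
                'store_cart'       => array('index', 'view', 'empty', 'checkout', 'payment', 'review', 'confirmation', 'apply-coupon'),
                'store-admin_index' => array('login'),
            ),
            'member' => array(
                'default_account'  => array('index', 'me', 'update', 'change-password', 'orders', 'view-order'),
            ),
            'admin' => array(
                'store-admin_index'          => array('index'),
                'store-admin_category'       => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_customers'      => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_customer-group' => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_orders'         => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_product'        => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_coupon'         => array('index', 'list', 'create', 'update', 'delete'),
                'store-admin_import'         => array('index', 'list', 'create', 'update', 'delete'),
            ),
        );

        // Set of resource names already added (name => true), so that a
        // resource shared by several roles is registered exactly once.
        $registered = array();

        foreach ($roleResources as $role => $resources) {
            foreach ($resources as $resourceName => $actions) {
                if (!isset($registered[$resourceName])) {
                    $acl->add(new Zend_Acl_Resource($resourceName));
                    $registered[$resourceName] = true;
                }

                // the privileges this role holds on this resource
                $acl->allow($role, $resourceName, $actions);
            }
        }

        // admin may do anything on every resource
        $acl->allow('admin', null);

        return $acl;
    }

    /**
     * Determine the role of the current user.
     *
     * @return string|null the lower-cased `role` attribute of the Zend_Auth
     *                     identity; 'guest' when nobody is authenticated;
     *                     null when the identity carries no usable role
     *                     (the caller treats null as "deny")
     */
    protected function _currentRole()
    {
        $auth = Zend_Auth::getInstance();
        if (!$auth->hasIdentity()) {
            return 'guest';
        }

        $identity = $auth->getIdentity();
        // An authenticated identity without a role string must not silently
        // become a guest or raise a notice: report "unknown" and let the
        // caller fail closed.
        if (!is_object($identity) || !isset($identity->role)) {
            return null;
        }

        return strtolower((string) $identity->role);
    }

    /**
     * Rewrite the request so the dispatcher runs a denial handler instead of
     * the requested action: the store-admin login action for store-admin
     * URLs, the error controller's denied action everywhere else.
     *
     * @param Zend_Controller_Request_Abstract $request
     * @return void
     */
    protected function _denyRequest(Zend_Controller_Request_Abstract $request)
    {
        if ($request->getModuleName() === 'store-admin') {
            $request->setModuleName('store-admin');
            $request->setControllerName('index');
            $request->setActionName('login');
            return;
        }

        $request->setControllerName('error');
        $request->setActionName('denied');
    }

    /**
     * Check the current user's role against the requested
     * "{module}_{controller}" resource and action; forward to a denial
     * handler when access is not granted.
     *
     * @param Zend_Controller_Request_Abstract $request
     * @return void
     */
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $acl  = $this->_buildAcl();
        $role = $this->_currentRole();

        // Use the request accessors: the `$request->module` style magic
        // property is not part of the type-hinted abstract request class.
        $resource = $request->getModuleName() . '_' . $request->getControllerName();
        $action   = $request->getActionName();

        try {
            // An unknown role or an unregistered resource (e.g. a mistyped
            // URL) is an ordinary denial; checking with hasRole()/has() first
            // keeps isAllowed() from throwing on them.
            $allowed = $role !== null
                && $acl->hasRole($role)
                && $acl->has($resource)
                && $acl->isAllowed($role, $resource, $action);
        } catch (Zend_Acl_Exception $e) {
            // Fail closed. The exception text names internal resources and
            // roles, so it is not written to the response.
            $allowed = false;
        }

        if (!$allowed) {
            $this->_denyRequest($request);
        }
    }
}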


回答2:

Use a plugin that extends Zend_Controller_Plugin_Abstract, and then put this in the plugin code:

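/**
 * Let a short allow-list of controller/action pairs through without
 * authentication; everything else goes on to the auth check.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // controller => array(action, ...) reachable by anonymous clients.
    // Every entry here is exposed without authentication, so keep it short.
    $publicActions = array(
        'zona' => array('xml'),
    );

    // Use the request accessors rather than the `$request->controller`
    // magic property, which the type-hinted abstract request does not define.
    $controller = strtolower($request->getControllerName());
    $action     = strtolower($request->getActionName());

    // Public action: nothing to check (strict in_array avoids loose matches).
    if (isset($publicActions[$controller])
        && in_array($action, $publicActions[$controller], true)
    ) {
        return;
    }

    //check auth
}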