Zend Navigation and RBAC

2019-02-15 16:25发布

站内问答 / 前端开发
1677 1 2

I am developing a ZF2 based site. I have a main navigation which stays same regardless of the visitor/user status. Need to add another component/nav, which will depend on the user's status and role. For a visitor the items will be

  • Register
  • Login
  • EN (Actually a drop-down, with other available language)

For a logged-in normal user, it will display

  • Profile
  • Logout
  • EN (Language selector as mentioned above)

And for some users with specific roles/permission there will be additional items

I want to use RBAC, as ACL seems bloated, and also just to check if the current logged in user/role has additional items, I need to load the complete ACL (and we got around 15+ different types of roles).

I spent some time thinking how I have achieve this, so following are some ideas I have.

  1. I create an empty navigation container, and create a factory. In the factory, I access the Authentication and RBAC and add the pages depending on the the user's status/role.
  2. I create a fully loaded navigation with all the possible pages, then in the factory, with the help of Authentication and RBAC I hide the pages I don't want to show.

  3. rd option is to use a view helper which will get RBAC via ServiceLayer and generate the navigation. (As discussed in ZF2 how to display tweets in layout and ZF2 : Add a Login widget in the template.

  4. Or I can create a controller-plugin or just a method in module.php, and listen to the MVC_Render or MVC_Dispatch event and generate the desired navigation and add the output to a view variable.

PS: I need to use a partial as I need to add some CSS class to the language selection section. Also the navigation will be displayed in the layout.

1条回答
戒情不戒烟
2楼-- · 2019-02-15 16:46

I am using ZfcRbac and I am doing it as the following, you can display the navigation based on user roles and the navigation items permission as the following:

First add a permission to your navigation item as the following:

'permission' => 'edit-profile',

Then attach a listener in the onBootstrap as the following:

public function onBootstrap(MvcEvent $e)
{
    $eventManager        = $e->getApplication()->getEventManager();
    $eventManager->getSharedManager()->attach(
        'Zend\View\Helper\Navigation\AbstractHelper', 
        'isAllowed', 
        array('\Application\Listener\RbacListener', 'accept')
    );
    $moduleRouteListener = new ModuleRouteListener();
    $moduleRouteListener->attach($eventManager);
}

Then create a class Application\Listener\RbacListener as the following:

public function accept(Event $event) { 
    $event->stopPropagation();

    $accepted = true;

    $serviceLocator = $event->getTarget()->getServiceLocator()->getServiceLocator();
    $rbac           = $serviceLocator->get('ZfcRbac\Service\Rbac');

    $params = $event->getParams();
    $page = $params['page'];

    $permission = $page->getPermission();

    if ($permission) {
        $accepted = $rbac->isGranted($permission);
    }

    return $accepted;
}

and by this when you display the menu it will be filtered based on the permission and roles, for example if you do echo $this->navigation('navigation')->menu() then only the menu items that the user has permission on will be displayed.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(2)