Php ACL授予Symfony中的所有用户访问权限?
我试图了解ACL是如何工作的,但即使我为一个项目设置了ACL(Php ACL授予Symfony中的所有用户访问权限?,php,symfony,acl,Php,Symfony,Acl,我试图了解ACL是如何工作的,但即使我为一个项目设置了ACL($client,在本例中),每个人都有访问权限 设置ACL public function setACL($repository, $mask, $selectUser = false) { $objectIdentity = ObjectIdentity::fromDomainObject($repository); $acl = $this->aclProvider->createAcl($objec
$client
,在本例中),每个人都有访问权限
设置ACL
public function setACL($repository, $mask, $selectUser = false)
{
$objectIdentity = ObjectIdentity::fromDomainObject($repository);
$acl = $this->aclProvider->createAcl($objectIdentity);
if($selectUser === false){
$user = $this->tokenStorage->getToken()->getUser();
}else{
$user = $this->entityManager->getRepository('AppBundle:User')->find($selectUser);
}
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, $mask);
$this->aclProvider->updateAcl($acl);
return;
}
public function getACL($repository, $granted)
{
if (is_array($repository)) {
foreach ($repository as $rp) {
if (false === $this->authorizationChecker->isGranted($granted, get_class($rp))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
} else {
if (false === $this->authorizationChecker->isGranted($granted, get_class($repository))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
return true;
}
$this->get('global_functions')->getACL($client, 'VIEW');
$selectUser
用于手动设置(通过控制台Comannd等)它是否可以这样工作
获取ACL
public function setACL($repository, $mask, $selectUser = false)
{
$objectIdentity = ObjectIdentity::fromDomainObject($repository);
$acl = $this->aclProvider->createAcl($objectIdentity);
if($selectUser === false){
$user = $this->tokenStorage->getToken()->getUser();
}else{
$user = $this->entityManager->getRepository('AppBundle:User')->find($selectUser);
}
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, $mask);
$this->aclProvider->updateAcl($acl);
return;
}
public function getACL($repository, $granted)
{
if (is_array($repository)) {
foreach ($repository as $rp) {
if (false === $this->authorizationChecker->isGranted($granted, get_class($rp))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
} else {
if (false === $this->authorizationChecker->isGranted($granted, get_class($repository))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
return true;
}
$this->get('global_functions')->getACL($client, 'VIEW');
为$client
设置ACL
$this->get('global_functions')->setACL($client, MaskBuilder::MASK_OWNER);
但是当我试着
获取ACL
public function setACL($repository, $mask, $selectUser = false)
{
$objectIdentity = ObjectIdentity::fromDomainObject($repository);
$acl = $this->aclProvider->createAcl($objectIdentity);
if($selectUser === false){
$user = $this->tokenStorage->getToken()->getUser();
}else{
$user = $this->entityManager->getRepository('AppBundle:User')->find($selectUser);
}
$securityIdentity = UserSecurityIdentity::fromAccount($user);
$acl->insertObjectAce($securityIdentity, $mask);
$this->aclProvider->updateAcl($acl);
return;
}
public function getACL($repository, $granted)
{
if (is_array($repository)) {
foreach ($repository as $rp) {
if (false === $this->authorizationChecker->isGranted($granted, get_class($rp))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
} else {
if (false === $this->authorizationChecker->isGranted($granted, get_class($repository))) {
$this->get('log')->writeLog('Access denied.', __LINE__, 3);
return new JsonResponse(array(
'result' => 'error',
'message' => 'Not allowed'
));
}
}
return true;
}
$this->get('global_functions')->getACL($client, 'VIEW');
我可以访问任何我正在尝试的用户
我哪里错了?自己解决了
$this->authorizationChecker->isgrated($grated,get_class($repository))
应该是$this->authorizationChecker->isgrated($grated,$repository)
自己解决了这个问题
$this->authorizationChecker->isgrated($grated,get_class($repository))
应该是$this->authorizationChecker->isgrated($grated,$repository)