Zend framework2 使用BjyAuthorize的基于角色的路由中的配置不起作用
这是我的bjyauthorize.global.php内容Zend framework2 使用BjyAuthorize的基于角色的路由中的配置不起作用,zend-framework2,acl,zfcuser,bjyauthorize,Zend Framework2,Acl,Zfcuser,Bjyauthorize,这是我的bjyauthorize.global.php内容 <?php return array( 'bjyauthorize' => array( // set the 'guest' role as default (must be defined in a role provider) // 'default_role' => 'guest', /* this module uses a meta-role that inherits fro
<?php
return array(
'bjyauthorize' => array(
// set the 'guest' role as default (must be defined in a role provider)
// 'default_role' => 'guest',
/* this module uses a meta-role that inherits from any roles that should
* be applied to the active user. the identity provider tells us which
* roles the "identity role" should inherit from.
*
* for ZfcUser, this will be your default identity provider
*/
'identity_provider' => 'BjyAuthorize\Provider\Identity\ZfcUserZendDb',
/* If you only have a default role and an authenticated role, you can
* use the 'AuthenticationIdentityProvider' to allow/restrict access
* with the guards based on the state 'logged in' and 'not logged in'.
*/
// 'default_role' => 'guest', // not authenticated
// 'authenticated_role' => 'user', // authenticated
// 'identity_provider' => 'BjyAuthorize\Provider\Identity\AuthenticationIdentityProvider',
/* role providers simply provide a list of roles that should be inserted
* into the Zend\Acl instance. the module comes with two providers, one
* to specify roles in a config file and one to load roles using a
* Zend\Db adapter.
*/
'role_providers' => array(
/* here, 'guest' and 'user are defined as top-level roles, with
* 'admin' inheriting from user
*/
'BjyAuthorize\Provider\Role\Config' => array(
'admin' => array(),
'guest' => array()
),
// this will load roles from the user_role table in a database
// format: user_role(role_id(varchar), parent(varchar))
'BjyAuthorize\Provider\Role\ZendDb' => array(
'table' => 'user_role',
'role_id_field' => 'roleId',
'parent_role_field' => 'parent_id',
),
// this will load roles from the 'BjyAuthorize\Provider\Role\Doctrine'
// service
// 'BjyAuthorize\Provider\Role\Doctrine' => array(),
),
// resource providers provide a list of resources that will be tracked
// in the ACL. like roles, they can be hierarchical
'resource_providers' => array(
// 'BjyAuthorize\Provider\Resource\Config' => array(
// 'pants' => array(),
// ),
'BjyAuthorize\Provider\Resource\Config' => array(
'Collections\Controller\CollectionsController' => array('admin'),
),
),
/* rules can be specified here with the format:
* array(roles (array), resource, [privilege (array|string), assertion])
* assertions will be loaded using the service manager and must implement
* Zend\Acl\Assertion\AssertionInterface.
* *if you use assertions, define them using the service manager!*
*/
'rule_providers' => array(
'BjyAuthorize\Provider\Rule\Config' => array(
'allow' => array(
// allow guests and users (and admins, through inheritance)
// the "wear" privilege on the resource "pants"
// array(array('guest', 'user'), 'pants', 'wear')
array(array('admin'), 'Collections\Controller\CollectionsController', 'index')
),
// Don't mix allow/deny rules if you are using role inheritance.
// There are some weird bugs.
'deny' => array(
// ...
// array(array('admin', 'guest'), 'collections', 'add')
),
),
),
/* Currently, only controller and route guards exist
*
* Consider enabling either the controller or the route guard depending on your needs.
*/
'guards' => array(
/* If this guard is specified here (i.e. it is enabled), it will block
* access to all controllers and actions unless they are specified here.
* You may omit the 'action' index to allow access to the entire controller
*/
'BjyAuthorize\Guard\Controller' => array(
array('controller' => 'index', 'action' => 'index', 'roles' => array('admin','guest')),
array('controller' => 'index', 'action' => 'stuff', 'roles' => array('admin')),
array('controller' => 'Collections\Controller\CollectionsController', 'roles' => array('admin', 'guest')),
// You can also specify an array of actions or an array of controllers (or both)
// allow "guest" and "admin" to access actions "list" and "manage" on these "index",
// "static" and "console" controllers
// array(
// 'controller' => array('index', 'static', 'console'),
// 'action' => array('list', 'manage'),
// 'roles' => array('guest', 'admin')
// ),
array('controller' => 'zfcuser', 'roles' => array('admin', 'guest')),
// Below is the default index action used by the ZendSkeletonApplication
array('controller' => 'Application\Controller\Index', 'roles' => array('guest', 'admin')),
),
/* If this guard is specified here (i.e. it is enabled), it will block
* access to all routes unless they are specified here.
*/
'BjyAuthorize\Guard\Route' => array(
array('route' => 'zfcuser', 'roles' => array('admin', 'guest')),
array('route' => 'zfcuser/logout', 'roles' => array('admin', 'guest')),
array('route' => 'zfcuser/login', 'roles' => array('admin', 'guest')),
array('route' => 'zfcuser/register', 'roles' => array('guest', 'admin')),
// Below is the default index action used by the ZendSkeletonApplicationarray('route' => 'zfcuser/register', 'roles' => array('guest', 'admin')),
array('route' => 'collections/index', 'roles' => array('guest', 'admin')),
array('route' => 'home', 'roles' => array('guest', 'admin')),
),
),
),
);
我已经根据这个修改了用户表的列。我已经修改了用户id到id的映射程序。它工作正常,因为它没有显示任何错误
尽管没有任何错误,但在登录之前,我访问的任何模块(/user和/collections)除登录页面(zfcuser/login)外,都会得到“403禁止”
我对数据库中用户\角色\链接器表的数据有疑问。我没有找到适当的文档,无法在中输入用户角色表的角色数据。建议我在配置文件或数据库表中是否存在任何错误配置,或此处未提及的任何其他内容。您可能在不知道基础设置是否正确的情况下尝试了太多操作。这不是一个完整的答案,但我建议如下:
- 安装Zend Framework开发工具( )一旦运行它 在页面底部有一个工具栏,它将告诉你什么角色 你现在有。它对其他许多事情也很有用。 假设您在登录时具有适当的角色,则 一次设置一个防护装置。例如,你目前两者都有 “BjyAuthorize\Guard\Controller”和“BjyAuthorize\Guard\Route”设置
- 您可以只运行其中一个来启动,当您运行其中一个时,您可以测试另一个。只需删除或注释掉 bjyauthorize.global.php中的相应部分
array('controller' => 'index',
试一试
我希望这是一些帮助
此外,如果您碰巧在某个时候使用了条令ORM,那么将BjyAuthorize、ZFcuser和条令轻松地结合在一起是一个很好的模块
Fin您可能在不知道基础设置是否正确的情况下尝试了太多。这不是一个完整的答案,但我建议如下:
- 安装Zend Framework开发工具( )一旦运行它 在页面底部有一个工具栏,它将告诉你什么角色 你现在有。它对其他许多事情也很有用。 假设您在登录时具有适当的角色,则 一次设置一个防护装置。例如,你目前两者都有 “BjyAuthorize\Guard\Controller”和“BjyAuthorize\Guard\Route”设置
- 您可以只运行其中一个来启动,当您运行其中一个时,您可以测试另一个。只需删除或注释掉 bjyauthorize.global.php中的相应部分
array('controller' => 'index',
试一试
我希望这是一些帮助
此外,如果您碰巧在某个时候使用了条令ORM,那么将BjyAuthorize、ZFcuser和条令轻松地结合在一起是一个很好的模块
Fin关于
用户角色链接器
表的问题,feilds角色id
应该是varchar
而不是int
。我也有同样的问题。检查以下转储中的示例数据
CREATE TABLE IF NOT EXISTS `user_role_linker` (
`user_id` int(11) unsigned NOT NULL,
`role_id` varchar(128) NOT NULL,
PRIMARY KEY (`user_id`,`role_id`),
KEY `role_id` (`role_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Dumping data for table `user_role_linker`
--
INSERT INTO `user_role_linker` (`user_id`, `role_id`) VALUES(1, 'admin');
user\u role\u linker
表的问题是,feildsrole\u id
应该是varchar
,而不是int
。我也有同样的问题。检查以下转储中的示例数据
CREATE TABLE IF NOT EXISTS `user_role_linker` (
`user_id` int(11) unsigned NOT NULL,
`role_id` varchar(128) NOT NULL,
PRIMARY KEY (`user_id`,`role_id`),
KEY `role_id` (`role_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Dumping data for table `user_role_linker`
--
INSERT INTO `user_role_linker` (`user_id`, `role_id`) VALUES(1, 'admin');
我已经根据您的建议设置了角色配置和路由,但输出仍然相同。我在查看Zend Framework Developer工具栏时遇到了这个错误:错误您必须安装或启用@bjyoungblood的Zend\Db Profiler才能使用此功能。对此有何想法?此错误仅针对DB Profiler,对于当前问题不重要-您是否在其右侧看到一个图标,指示您当前的用户角色?如果不是,您的设置可能不正确。是的,有一个带有标签Guest的图标。当我点击图标时,它显示:ByjAuthorize Identity Roles-1 Role:guest Bu当前登录用户的角色不是guest,而是其管理员。即使没有用户登录(在登录页面中),也会始终看到来宾角色。您必须重新检查您的设置-如果安装正确,则会显示管理员角色。我从composer获得了设置。不可能丢失文件。如果丢失了任何文件,它将显示其他php错误。请告诉我为什么我需要重新设置,并有适当的理由。我已经按照您的建议设置了角色配置和路由,但输出仍然相同。我在查看Zend Framework Developer工具栏时遇到了这个错误:错误您必须安装或启用@bjyoungblood的Zend\Db Profiler才能使用此功能。对此有何想法?此错误仅针对DB Profiler,对于当前问题不重要-您是否在其右侧看到一个图标,指示您当前的用户角色?如果不是,您的设置可能不正确。是的,有一个带有标签Guest的图标。当我点击图标时,它显示:ByjAuthorize Identity Roles-1 Role:guest Bu当前登录用户的角色不是guest,而是其管理员。即使没有用户登录(在登录页面中),也会始终看到来宾角色。您必须重新检查您的设置-如果安装正确,则会显示管理员角色。我从composer获得了设置。不可能丢失文件。如果丢失了任何文件,它将显示其他php错误。你能告诉我为什么我需要重新设置一个合适的理由吗。