[英]ZF2, ByjAuthorize rules in a module.config
I'm doing something wrong I guess, I want to limited access to a module. 我猜我做错了,我想限制对模块的访问。 Only logged in user may access the tijdmachine module.
只有登录的用户可以访问tijdmachine模块。
This is my module.config.php: 这是我的module.config.php:
<?php
namespace Tijdmachine;
return array(
'resource_providers' => array(
'BjyAuthorizeProviderResourceConfig' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorizeProviderRuleConfig' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
'view_manager' => array(
'template_path_stack' => array(__DIR__ . '/../view')
),
'controllers' => array(
'invokables' => array(
'Tijdmachine\Controller\IndexController' => 'Tijdmachine\Controller\IndexController',
)
),
'router' => array(
'routes' => array(
'tijdmachine' => array(
'resource' => 'tijdmachine',
'privilege' => 'index',
'type' => 'segment',
'options' => array(
'route' => '/tijdmachine',
// <---- url format module/action/id
'constraints' => array(
'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
'id' => '[0-9]+',
),
'defaults' => array(
'controller' => 'Tijdmachine\Controller\IndexController',
// <--- Defined as the module controller
'action' => 'index',
// <---- Default action
),
),
),
),
),
);
I defined a resource, a privilege and named them in my route. 我定义了资源,特权并在我的路线中将其命名。 But, if I go the the specific url, I will still see all the information without being logged in. What am I doing wrong?
但是,如果我转到特定的URL,我仍然会看到所有信息,而无需登录。我在做什么错了?
Thanks in advance! 提前致谢!
as stated in the documentation , you need to use the class names in the config: 如文档中所述 ,您需要在配置中使用类名:
return array(
'resource_providers' => array(
'BjyAuthorize\Provider\Resource\Config' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorize\Provider\Rule\Config' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
...
'guards' => array(
/* If this guard is specified here (i.e. it is enabled], it will block
* access to all routes unless they are specified here.
*/
\BjyAuthorize\Guard\Route::class => array(
['route' => 'tijdmachine', 'roles' => ['user']],
),
),
);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.