Symfony:为某些类型的用户取消对后端模块的保护。 如何?
[英]Symfony: un-secure a backend module for certain kinds of users. How?
问题描述
Straight to the point -- I have a Symfony 1.3 / Propel 1.4 project.
直截了当——我有一个 Symfony 1.3 / Propel 1.4 项目。 I have a module which is secured via is_secure: true in its own security.yml .我有一个通过is_secure: true在它自己的security.yml中保护的模块。 I want this module to be accessible not only for super admins -- I am using the sfGuardPlugin symfony plugin.我希望这个模块不仅可供超级管理员访问——我正在使用sfGuardPlugin symfony 插件。 The module is located in the backend app.该模块位于backend应用程序中。
I would like to make the module accessible to users who have any value of their type property.我想让具有任何type属性值的用户可以访问该模块。 Regular users of the site have NULL in there, all of the rest have a value of some kind.该网站的普通用户在那里有NULL ,所有 rest 都有某种价值。 When I change the security directive to is_secure: false (just to test it), I then go to /admin and do login with a user who has some type , I get properly redirected to /admin/purchases (the only non-secured backend module) but with security error message -- "You do not have access to show this page" or something along the lines.当我将安全指令更改为is_secure: false (只是为了测试它),然后我将 go 更改为/admin并使用具有某种type的用户登录,我被正确重定向到/admin/purchases (唯一的非安全backend模块),但带有安全错误消息——“您无权显示此页面”或类似的内容。
Since I am not quite so familiar with sfGuardPlugin (and Symfony's security in general), I would like some help as to how do I do this, please.由于我对sfGuardPlugin (以及 Symfony 的一般安全性)不太熟悉,所以我希望得到一些关于如何执行此操作的帮助。
3 个解决方案
解决方案1
0 已采纳 2011-05-25 07:57:53
See documentation about action security.请参阅有关操作安全性的文档。
Use group permissions from sfGuardPlugin to automatically ad credentials for users of your choice (see extra documentation for sfGuardPlugin in order to understand how the plugin converts user groups and permissions into credentials)使用 sfGuardPlugin 的组权限自动为您选择的用户广告凭据(请参阅 sfGuardPlugin 的额外文档以了解插件如何将用户组和权限转换为凭据)
解决方案2
0 2011-05-25 14:03:24
If you don't want to relay on the security.yml credentials, you could also handle this inside an action:如果您不想中继 security.yml 凭据,您也可以在操作中处理此问题:
public function executeIndex($request){
if(!$this->getUser()->hasGroup('desired-group')){
$this->getUser->setFlash('message', 'You do not have access to show this page');
return $this->redirect('admin/purchases');
}
// more logic here
}
If this works for more actions of your module, yould could use the preExecute() methode in case of DRY (dont repeat yourself…)如果这适用于您的模块的更多操作,您可以在 DRY 的情况下使用 preExecute() 方法(不要重复自己......)
解决方案3
0 2011-05-25 14:39:22
As long as you've got the right credentials for each user.只要您拥有每个用户的正确凭据。 In your backend modules security.yml file you can do this:在您的后端模块 security.yml 文件中,您可以这样做:
all:
credentials: [[admin, developer]]
Or you can do individual actions:或者您可以执行个别操作:
requestView:
credentials: [[supporter, admin, developer]]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.