I'm working in a Phalcon 2.0.13 Project using the ACL to control permissions. My Question is: is there a way for me to use the isAllowed in a .volt view?
My goal is to control some options I show in the .volt view based on user's permissions.
Just to clarify to which function I mean:
if( !$this->acl->isAllowed( $userRole, ucfirst( $this->dispatcher->getControllerName() ), $this->dispatcher->getActionName() ) ){
$this->response->redirect( $this->url->get(['for' => 'admin-index-login']) );
}
This is a piece of code I run inside my base controller, I would like to check for permissions in the .volt view, something like {{ if isAllowed("User", "New") }} xxxx {{ endif }}
Thanks for any help
Here is what I did to solve. My permission system is in the database, because the admin can set permissions to roles, user groups or a particular user.
I created a custom function to use in the .volt views:
$compiler = $volt->getCompiler(); //Custom volt functions $compiler->addFunction('has_permission', function($resolvedArgs, $exprArgs) { return '\\HelperFunctions::UserHasPermission(' . $resolvedArgs . ')'; });
UserHasPermission
receives the controller and action names to check if the user has permission. I'm using it like this:
{% if has_permission("user", "*") %}
<li>
<a href="#" title="Users"><i class="fa fa-lg fa-fw fa-user"></i> <span class="menu-item-parent">Users</span></a>
<ul>
<li>
<a href="{{ url(['for': 'admin-user-index']) }} " title="Users"><span class="menu-item-parent">Users</span></a>
</li>
</ul>
</li>
{% endif %}
*
in the action name means if the user has permission in any of the UserController actions.
So far I'm happy with the solution and if at some point I want to switch back to Phalcon's ACL it is pretty easy.
If acl is added as service then just do:
{% if acl.isAllowed("User", "New") %}
{% endif %}
No need to custom function in volt. Phalcon ACL Memory based have a lot more options than database and it's faster anyway.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.