[英]ZF2, ByjAuthorize rules in a module.config
我猜我做錯了,我想限制對模塊的訪問。 只有登錄的用戶可以訪問tijdmachine模塊。
這是我的module.config.php:
<?php
namespace Tijdmachine;
return array(
'resource_providers' => array(
'BjyAuthorizeProviderResourceConfig' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorizeProviderRuleConfig' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
'view_manager' => array(
'template_path_stack' => array(__DIR__ . '/../view')
),
'controllers' => array(
'invokables' => array(
'Tijdmachine\Controller\IndexController' => 'Tijdmachine\Controller\IndexController',
)
),
'router' => array(
'routes' => array(
'tijdmachine' => array(
'resource' => 'tijdmachine',
'privilege' => 'index',
'type' => 'segment',
'options' => array(
'route' => '/tijdmachine',
// <---- url format module/action/id
'constraints' => array(
'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
'id' => '[0-9]+',
),
'defaults' => array(
'controller' => 'Tijdmachine\Controller\IndexController',
// <--- Defined as the module controller
'action' => 'index',
// <---- Default action
),
),
),
),
),
);
我定義了資源,特權並在我的路線中將其命名。 但是,如果我轉到特定的URL,我仍然會看到所有信息,而無需登錄。我在做什么錯了?
提前致謝!
return array(
'resource_providers' => array(
'BjyAuthorize\Provider\Resource\Config' => array(
'tijdmachine' => array(),
),
),
'rule_providers' => array(
'BjyAuthorize\Provider\Rule\Config' => array(
'allow' => array(
array(array('user'), 'tijdmachine', array('index')),
),
),
),
...
'guards' => array(
/* If this guard is specified here (i.e. it is enabled], it will block
* access to all routes unless they are specified here.
*/
\BjyAuthorize\Guard\Route::class => array(
['route' => 'tijdmachine', 'roles' => ['user']],
),
),
);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.