Reputation: 599
Zend multiple navigation with ACL
I'm trying to build a front-end and back-end navigation menu. I want to display only the back-end menu in the back-end and visa versa.
It's working correctly, when i set the ACL off. But, when i put in on, the menu's are gone. Does anybody know, how i can solve this?
This is my code:
EDIT:
I changed the navigation.xml and now, it's almost working correctly.
The top menu items are working when i allow the controller. But, when i only want to allow a specific action inside a controller the whole submenu is displaying instead of the allowed action.
I hope, you understanding the problem. I'm sorry, my English isn't that well.
in bootstrap.php
protected function _initNavigation()
{
$this->bootstrap('layout');
$layout = $this->getResource('layout');
$view = $layout->getView();
$identity = $this->_auth->getStorage()->read();
if($identity)
{
$roles = new Application_Model_Auth_Roles();
$role = $roles->getRoles($identity->role);
} else {
$role[0]['role'] = 'Guest';
}
$config = new Zend_Config_Xml(APPLICATION_PATH . '/configs/navigation.xml', 'nav');
$container = new Zend_Navigation($config);
$view->navigation($container)
->setAcl($this->_acl)
->setRole($role[0]['role']);
// default menu
$view->nav = $view->navigation()->findOneByLabel('mainnav');
}
CmsControllor.php
class CmsController extends Zend_Controller_Action
{
public function init()
{
//// BUILD MENU
$this->view->nav = $this->view->navigation()->findOneByLabel('cms');
...
view:
<?= $this->navigation()->menu()->renderMenu($this->nav); ?>
navigation.xml
<config>
<nav>
<mainnav>
<label>mainnav</label>
<module>default</module>
<pages>
<home>
<label>Home</label>
<controller>index</controller>
<resource>index</resource>
</home>
<page1>
<label>De Esdoorn</label>
<controller>page1</controller>
<resource>deesdoorn</resource>
</page1>
<page2>
<label>page2</label>
<controller>page2</controller>
<pages>
<algemeen>
<label>Algemeen</label>
<controller>page2</controller>
<action>index</action>
<resource>page2</resource>
<privileges>index</privileges>
</algemeen>
<biedt>
<label>page2 biedt</label>
<controller>page2</controller>
<action>biedt</action>
<privileges>biedt</privileges>
</biedt>
<zorg>
<label>Zorg</label>
<controller>page2</controller>
<action>zorg</action>
<privileges>zorg</privileges>
</zorg>
<download>
<label>Download onze folder</label>
<uri>folder url</uri>
<target>_blank</target>
</download>
</pages>
</page2>
<organisatie>
<label>Onze organisatie</label>
<controller>organisatie</controller>
<pages>
<algemeen>
<label>Algemeen</label>
<controller>organisatie</controller>
<resource>organisatie</resource>
<privileges>index</privileges>
</algemeen>
<missieenvisie>
<label>Missie en visie</label>
<controller>organisatie</controller>
<action>missieenvisie</action>
<privileges>missieenvisie</privileges>
</missieenvisie>
<dienstverlening>
<label>Dienstverlening</label>
<controller>organisatie</controller>
<action>dienstverlening</action>
<privileges>dienstverlening</privileges>
</dienstverlening>
<kosten>
<label>Kosten</label>
<controller>organisatie</controller>
<action>kosten</action>
<privileges>kosten</privileges>
</kosten>
<nieuws>
<label>Nieuws</label>
<controller>organisatie</controller>
<action>nieuws</action>
<privileges>nieuws</privileges>
</nieuws>
</pages>
</organisatie>
<contact>
<label>Contact</label>
<controller>contact</controller>
<resource>contact</resource>
</contact>
</pages>
</mainnav>
<cms>
<label>cms</label>
<module>default</module>
<pages>
<dashboard>
<label>Dashboard</label>
<controller>cms</controller>
<action>dashboard</action>
<resource>cms</resource>
<privileges>nieuws</privileges>
</dashboard>
<nieuwsbeheren>
<label>Beheer uw nieuws</label>
<controller>cms</controller>
<action>managenews</action>
<resource>cms</resource>
</nieuwsbeheren>
<fotoalbum>
<label>Foto album</label>
<controller>fotoalbum</controller>
<pages>
<index>
<label>Album overzicht</label>
<controller>fotoalbum</controller>
<privileges>index</privileges>
</index>
<add>
<label>+ Album toevoegen</label>
<controller>fotoalbum</controller>
<action>add</action>
<resource>fotoalbum</resource>
<privileges>add</privileges>
</add>
<clientoverview>
<label>Bewoner overzicht</label>
<controller>fotoalbum</controller>
<action>clientoverview</action>
<privileges>clientoverview</privileges>
</clientoverview>
<useroverview>
<label>Naaste overzicht</label>
<controller>fotoalbum</controller>
<action>useroverview</action>
<privileges>useroverview</privileges>
</useroverview>
</pages>
</fotoalbum>
<settings>
<label>Instellingen</label>
<controller>cms</controller>
<action>settings</action>
<resource>cms</resource>
<privilege>settings</privilege>
</settings>
<logout>
<label>Uitloggen</label>
<controller>cms</controller>
<action>logout</action>
<resource>cms</resource>
<privilege>logout</privilege>
</logout>
</pages>
</cms>
</nav>
</config>
My ACL plugin:
class My_Plugins_CheckAccess extends Zend_Controller_Plugin_Abstract
{
private $_acl = NULL;
private $_auth = NULL;
public function __construct(Zend_Acl $acl, Zend_Auth $auth)
{
$this->_acl = $acl;
$this->_auth = $auth;
}
public function preDispatch(Zend_Controller_Request_Abstract $request){
$controller = $request->getControllerName();
$action = $request->getActionName();
$identity = $this->_auth->getStorage()->read();
if($identity)
{
$roles = new Application_Model_Auth_Roles();
$role = $roles->getRoles($identity->role);
} else {
$role[0]['role'] = 'Guest';
}
if(!$this->_acl->isAllowed($role[0]['role'],$controller,$action))
{
$request->setControllername('login')->setActionName('index');
} else
{
}
}
My Rules file (the rules are from the database)
class Application_Model_Auth_CmsAcl extends Zend_Acl {
public function __construct(){
$logic = new Application_Model_Auth_Logic();
$pages = new Application_Model_Auth_Pages();
$pagecollection = $pages->getPages();
$pagelist = $logic->listPages($pagecollection);
$roles = new Application_Model_Auth_Roles();
$rolecollection = $roles->getRoles();
$resources = new Application_Model_Auth_Resources();
$resourcecollection = $resources->getResource();
foreach($pagelist as $controller)
{
if($controller['controllerBase'] == 1):
$this->add( new Zend_Acl_Resource($controller['controller']));
endif;
}
foreach($rolecollection as $role)
{
$this->addRole( new Zend_Acl_Role($role['role']));
}
foreach($resourcecollection as $resource)
{
$roleName = $roles->getRoles($resource['roleID']);
$pageName = $pages->getPages($resource['pageID']);
if($pageName[0]['action'] != ''){
$this->allow($roleName[0]['role'],$pageName[0]['controller'],$pageName[0]['action']);
} else {$this->allow($roleName[0]['role'],$pageName[0]['controller']);}
}
}
}
This is my first zend website. Please, correct me when i make mistakes.
Upvotes: 2
Views: 1778
Answers (4)
Reputation: 599
Okay, i edited this rule in my rules file:
$this->allow($roleName[0]['role'],$pageName[0]['controller'],$pageName[0]['action']);
to
$this->allow($roleName[0]['role'],$pageName[0]['controller'],array('index',$pageName[0]['action']));
So I attached an array to my action where index is included. This means it's working. but it will always shows the index page when i only want to allow a certain action.
I found out that this is, of course, quite logically, since the top menu item is triggered only by the entire controller or the index action.
For this, you must attach this code to the top menu item:
<resource>page2</resource>
<privilege>index</privilege>
A solution would be a custom menu plugin that only triggers the top menu item when index or an other action inside the controller is allowed.
Or does maybe someone knows, how the set multiple privileges to the top menu item? Something like this?:
<page2>
<label>page2</label>
<controller>page2</controller>
<privilege>index</privilege>
<privilege>zorg</privilege>
<privilege>biedt</privilege>
<pages>
<algemeen>
<label>Algemeen</label>
<controller>page2</controller>
<action>index</action>
<resource>page2</resource>
<privilege>index</privilege>
</algemeen>
<biedt>
<label>page2 biedt</label>
<controller>page2</controller>
<action>biedt</action>
<privilege>biedt</privilege>
</biedt>
<zorg>
<label>Zorg</label>
<controller>page2</controller>
<action>zorg</action>
<privilege>zorg</privilege>
</zorg>
<download>
<label>Download onze folder</label>
<uri>folder url</uri>
<target>_blank</target>
</download>
</pages>
</page2>
So, when the privilege is OR index, OR biedt, OR Zorg -> show this top menu item.
Another mistake I made, was typing
<privileges> instead of <privilege>
Thank you for the help.
Upvotes: 0
Reputation: 14862
In your navigation file you need to add a resource tag:
<admin>
<label>admin</label>
<module>admin</module>
<resource>admin</resource>
<pages>
...
</pages>
</admin>
In this example I have given the resource the name 'admin', but this will be the admin resource you have in your database, and the admin user will need permission to view/access this resource.
Upvotes: 0
Reputation: 5080
It looks like you've swapped resource for privilege in your navigation.xml
Try:
<home>
<label>Home</label>
<controller>index</controller>
<resource>index</resource>
<home>
<page1>
<label>page1</label>
<controller>page1</controller>
<resource>page1</resource>
<page1>
Upvotes: 1
Reputation: 3243
You didn't specify any Rules yet. This must be done so the ACL component knows who has access to what. This can be done by calling deny() and/or allow(). Take a look at the manual, it is explained in detail.
Upvotes: 0
Related Questions
- Zend Navigation & recursive Zend Acl
- Zend Navigation Multiple ACL roles
- Zend navigation and Zend ACL
- Zend Navigation privileges without Zend ACL's
- Zend Navigation, ACL and Partials
- Assign multiple roles in Zend_Navigation using Zend_ACL in Zend Framework PHP?
- Linking Zend_Acl with Zend_Navigation
- zend navigation partial with acl not working
- Having problems combining Zend_Acl and Zend_Navigation
- Zend Navigation - various navigation blocks