Danack

Crappy login stuff.

Nov 1st, 2013
  // Login page: check the submitted credentials and remember the authenticated user.
  // NOTE(review): loadUser() receives the plaintext password; presumably it verifies it
  // against a stored hash (password_verify) -- confirm in the mapper, it is not shown here.
  $user = $userMapper->loadUser($username, $password);

  // Loose comparison kept on purpose: any result that compares equal to null is treated as a
  // failed login (what loadUser() returns on failure is not visible here).
  // The same message-less exception is raised whether the username or the password was wrong,
  // so the failure does not reveal which of the two was incorrect.
  $loginFailed = ($user == null);
  if ($loginFailed) {
      throw new SecurityException();
  }

  // NOTE(review): the session identifier should be rotated at this point (privilege change)
  // to prevent session fixation; whether $session does that in store() is not visible -- confirm.
  // NOTE(review): the whole user object is stored, so the role read from it on later pages
  // is a snapshot taken at login; a role change or account lock would only take effect
  // once the session ends, unless the session layer reloads the user -- confirm.
  $session->store('user', $user);

  //Then redirect them to somewhere.
  10.  
  11.  
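  // On every other page: look up the logged-in user (if any) and enforce the page's ACL.
  $user = $session->get('user');

  // No user in the session means an anonymous visitor; the role stays null and the
  // access-control layer is expected to map that to the anonymous role.
  $userRole = null;
  if ($user != null) {
      $userRole = $user->getRole();
  }

  // Pass the guarded $userRole, not $user->getRole(): for an anonymous visitor $user is null
  // and calling a method on it is a fatal error before any permission check runs.
  // NOTE(review): the return value is ignored, so this call must throw on denial for the
  // check to be enforced. The method is not part of the AccessControl class shown below
  // (which only exposes isAllowed()) -- confirm how it reports a denial.
  $accessControl->checkUserHasPermissionToAcessPage($userRole, $page->resourceType, $page->privilegeType);
  // $page->resourceType and $page->privilegeType come from the routing data for the app.
  // The AccessControl object is below and uses Zend ACL.


  // TBH this:
  //     $user = $session->get('user');
  // should be more abstract, as users can be authenticated in other ways than just a
  // session, e.g. if they pass in authentication details through HTTP authentication or
  // a secured link.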
  29.  
  30.  
  31.  
  32.  
  33.  
  34.  
  35. <?php
  36.  
  37. namespace BaseReality\Security;
  38.  
  39. use Zend\Permissions\Acl\Acl;
  40. use Zend\Permissions\Acl\Role\GenericRole;
  41. use Zend\Permissions\Acl\AclInterface;
  42.  
  43.  
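  /**
   * Application access-control list: a thin wrapper around Zend's Acl that registers the
   * application's roles, resources and rules once, and fills in defaults for missing
   * arguments before delegating the permission check.
   */
  class AccessControl implements AclInterface {

      /** @var Acl The underlying Zend ACL holding roles, resources and rules. */
      private $acl = null;

      /** @var GenericRole[] Registered role objects, keyed by role identifier. */
      private $roles = array();

      /**
       * Builds the ACL: two roles (anonymous, admin), two resources (admin, content)
       * and the allow rules between them. Nothing else is granted.
       */
      public function __construct() {
          $this->acl = new Acl();

          $this->roles[Role::ANONYMOUS] = new GenericRole(Role::ANONYMOUS);
          $this->roles[Role::ADMIN] = new GenericRole(Role::ADMIN);

          $this->acl->addRole($this->roles[Role::ADMIN]);
          $this->acl->addRole($this->roles[Role::ANONYMOUS]);

          $this->acl->addResource(Resource::ADMIN);
          $this->acl->addResource(Resource::CONTENT);

          //Null roles = all roles.
          // Every role, including anonymous, may VIEW content.
          $this->acl->allow(null, Resource::CONTENT, Privilege::VIEW);

          //Null privilege = all
          // Admin gets every privilege on the admin resource. The two disabled rules are kept
          // for reference; with the first one off, admin has only VIEW on content.
          //$this->acl->allow(Role::ADMIN, Resource::CONTENT);
          $this->acl->allow(Role::ADMIN, Resource::ADMIN);
          //$this->acl->allow(Role::ADMIN, Resource::ADMIN, Privilege::VIEW);
      }

      /**
       * Returns whether the role holds the privilege on the resource.
       *
       * Missing arguments are replaced by defaults before the check:
       *  - role      -> Role::ANONYMOUS (least privilege),
       *  - resource  -> Resource::CONTENT,
       *  - privilege -> Privilege::UNLISTED.
       *
       * The comparisons are deliberately loose (== null), so '', 0 and false are treated
       * as missing as well.
       *
       * NOTE(review): the resource default is permissive. The constructor lets every role
       * VIEW Resource::CONTENT, so a route whose routing data lacks a resource type is
       * checked as public content. Consider requiring an explicit resource from callers.
       *
       * NOTE(review): a role or resource that was never registered in the constructor is
       * expected to make Zend's Acl throw rather than return false -- confirm, and make
       * sure callers treat that exception as a denial.
       *
       * @param \Zend\Permissions\Acl\Role\RoleInterface|string|null $userRole
       * @param \Zend\Permissions\Acl\Resource\ResourceInterface|string|null $resource
       * @param string|null $privilege
       * @return bool
       */
      public function isAllowed($userRole = null, $resource = null, $privilege = null){

          if ($userRole == null) {
              $userRole = Role::ANONYMOUS;
          }

          if ($resource == null) {
              $resource = Resource::CONTENT;
          }

          if ($privilege == null) {
              // No rule names UNLISTED; only admin's all-privileges rule on the admin
              // resource can match it, so a missing privilege is denied everywhere else.
              $privilege = Privilege::UNLISTED;
          }

          return $this->acl->isAllowed($userRole, $resource, $privilege);
      }

      /**
       * Returns true if and only if the Resource exists in the ACL
       *
       * The $resource parameter can either be a Resource or a Resource identifier.
       *
       * @param \Zend\Permissions\Acl\Resource\ResourceInterface|string $resource
       * @return bool
       */
      public function hasResource($resource) {
          // Delegate to the wrapped ACL. The previous stub always returned false, which
          // contradicted the contract above for the resources registered in the constructor.
          return $this->acl->hasResource($resource);
      }

  }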