Hello Ralph,
Thanks a lot for replying, I really appreciate that. Sorry for missing out the bootstrap file; here it is...
----------<<<<<<<<>>>>>>>>>--------------
this is my Bootstrap code:
----------<<<<<<<<>>>>>>>>>--------------
<?php
class Bootstrap extends Zend_Application_Bootstrap_Bootstrap {
    protected function _initAutoload() {
        $moduleLoader = new Zend_Application_Module_Autoloader(array(
            'namespace' => '',
            'basePath' => APPLICATION_PATH));
        $acl = new Model_Authentication_User();
        $auth = Zend_Auth::getInstance();
        $fc = Zend_Controller_Front::getInstance();
        $fc->registerPlugin(new Plugin_AccessCheck($acl, $auth));
        return $moduleLoader;
    }
}
----------<<<<<<<<>>>>>>>>>--------------
this is my LoginAction code in authentication controller:
----------<<<<<<<<>>>>>>>>>--------------
<?php
class AuthenticationController extends Zend_Controller_Action {
    public function loginAction() {
        if(Zend_Auth::getInstance()->hasIdentity()) {
            $this->_redirect('documents/list');
        }
        $req = $this->getRequest();
        $form = new Form_LoginPage();
        if($req->isPost()) {
            if($form->isValid($this->_request->getPost())) {
                $AuthentAdapter = $this->getAuthAdapter();
                $user_name = $form->getValue('username');
                $user_password = $form->getValue('userpassword');
                $AuthentAdapter->setIdentity($user_name)
                               ->setCredential($user_password);
                $auth = Zend_Auth::getInstance();
                $result = $auth->authenticate($AuthentAdapter);
                if($result->isValid()) {
                    $identity = $AuthentAdapter->getResultRowObject();
                    $authStorage = $auth->getStorage();
                    $authStorage->write($identity);
                    $sess = new Zend_Session_Namespace('usersession');
                    $sess->username = $user_name;
                }
                else
                    $this->view->errorMessage = 'Invalid User name or Password provided, try again';
            }
        }
        // $this->_redirect('Documents/list');
        $this->view->form = $form;
    }
----------<<<<<<<<>>>>>>>>>--------------
this is my getAuthAdapter code: this is also in the authentication controller
----------<<<<<<<<>>>>>>>>>--------------
    private function getAuthAdapter() {
        $AuthentAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table::getDefaultAdapter());
        $AuthentAdapter->setTableName('user')
                       ->setIdentityColumn('user_name')
                       ->setCredentialColumn('user_password');
        return $AuthentAdapter;
    }
Also I'm putting my Model code again as I've modified it and it's better to understand now (at least for me :))
<?php
class Model_Authentication_User extends Zend_Acl {
    protected $_name = 'authent';
    public function __construct() {
        /** Creating Roles */
        $this->addRole(new Zend_Acl_Role('guest'));
        $this->addRole(new Zend_Acl_Role('user'),'guest')
             ->addRole(new Zend_Acl_Role('admin'), 'user');
        // ->addRole(new Zend_Acl_Role('admin'), 'writer');
        /** Creating resources */
        //require_once 'Zend/Acl/Resource.php';
        $this->add(new Zend_Acl_Resource('index'))
             ->add(new Zend_Acl_Resource('authentication'))
             ->add(new Zend_Acl_Resource('documents'));
        // Rules definitions
        $this->allow('guest','authentication')
             ->deny('guest', 'documents')
             ->allow('guest', 'documents','list')
             ->allow('user', 'documents', array('list','detaillist'))
             ->allow('admin', 'documents', array('add', 'addnote', 'edit','delete'));
    }
}
----------<<<<<<<<>>>>>>>>>--------------
Even when this error shows on the page, when I login...it starts working fine...WHEN I change this line;
$role = $auth_all_items_stored->role;
and assign some role that is in the Plugin_AccessCheck;
$role = 'user'; //$auth_all_items_stored->role;
the error goes away but the role stays as user only. The reason as far as I can understand is because it tries to assign a value to the role before the loginaction actually starts as it is in preDispatch() function
<?php
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
    private $_acl = null;
    private $_auth = null;
    public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
        $this->_acl = $acl;
        $this->_auth = $auth;
    }
    public function preDispatch(Zend_Controller_Request_Abstract $request) {
        $resource = $request->getControllerName();
        $action = $request->getActionName();
        $identity = $this->_auth->getStorage()->read();
        $role = $identity->role;
        if(!$this->_acl->isAllowed($role, $resource, $action)) {
            $request->setControllerName('authentication')
                    ->setActionName('login');
            echo "Message: You don't have the permission to access the requested page";
        }
    }
}
Waiting for your reply,
Regards,
Yasin
On Mon, Mar 15, 2010 at 6:34 PM, Ralph Schindler <ralph.schindler@zend.com> wrote:
A couple of things to note to perhaps help you out.
In the code below, the Plugin is ALWAYS run for each request (I can only assume this as I cannot see your bootstrap information). This means you might want to add some conditional logic to the plugin to detect whether or not a user is actually logged in.
When users login, upon a successful login, the loginAction will populate the Auth component (via Zend_Session) with an object, and in this object is a property called 'role'.
If there is no loginAction, there is no object in the Auth Component (in the session), and thus, line 18 of the plugin would fail due to the fact that you're trying to access a property of an object that does not exist.
Try changing this:
<?php
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract {
    private $_acl = null;
    private $_auth = null;
    public function __construct(Zend_Acl $acl, Zend_Auth $auth) {
        $this->_acl = $acl;
        $this->_auth = $auth;
    }
    public function preDispatch(Zend_Controller_Request_Abstract $request) {
        $resource = $request->getControllerName();
        $action = $request->getActionName();
        $auth_all_items_stored = $this->_auth->getStorage()->read();
        $role = $auth_all_items_stored->role;
        if(!$this->_acl->isAllowed($role, $resource, $action)) {
            $request->setControllerName('authentication')
                    ->setActionName('login');
        }
To this:
        if (!is_object($auth_all_items_stored)
            || !$this->_acl->isAllowed($auth_all_items_stored->role, $resource, $action)) {
            ...
        }
That should redirect to the auth controller / login action if there is either no session information available, or if the current user is not allowed to access this particular rule.
Either way, just ensure you actually have an object in the auth/session first.
-ralph
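
An added example, not code from this thread or from Zend Framework itself: one way to write the plugin so that it fails closed when the session holds no identity, following the advice above to check for an object first. It assumes Zend Framework 1 is loaded and that 'guest' is the role for visitors who are not logged in (as in the model above); the DEFAULT_ROLE constant and the _resolveRole() helper are names introduced here.

```php
<?php
// Added example. Assumes Zend Framework 1 is on the include path and that
// 'guest' is registered in the ACL, as in Model_Authentication_User above.
class Plugin_AccessCheck extends Zend_Controller_Plugin_Abstract
{
    const DEFAULT_ROLE = 'guest'; // assumption: role used when nobody is logged in

    private $_acl;
    private $_auth;

    public function __construct(Zend_Acl $acl, Zend_Auth $auth)
    {
        $this->_acl  = $acl;
        $this->_auth = $auth;
    }

    /** Role from the stored identity, or the guest role if it is missing or unknown. */
    private function _resolveRole()
    {
        if (!$this->_auth->hasIdentity()) {
            return self::DEFAULT_ROLE;      // no login yet: nothing to dereference
        }
        $identity = $this->_auth->getIdentity();
        if (!is_object($identity) || !isset($identity->role)
            || !$this->_acl->hasRole($identity->role)) {
            return self::DEFAULT_ROLE;      // malformed session or unregistered role
        }
        return $identity->role;
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $resource = $request->getControllerName();
        $action   = $request->getActionName();
        $role     = $this->_resolveRole();

        // Deny by default: isAllowed() throws for a resource the ACL does not know.
        $allowed = $this->_acl->has($resource)
            && $this->_acl->isAllowed($role, $resource, $action);

        if (!$allowed) {
            $request->setControllerName('authentication')
                    ->setActionName('login');
        }
    }
}
```

Because the model allows 'guest' on the 'authentication' resource, the rewritten request to authentication/login passes the same check and does not loop.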