#Ticket #301,#302,#303修改了数据作者的ACL规则
This commit is contained in:
parent
70a99bd3b0
commit
284cc2cbc3
|
@ -6,6 +6,7 @@
|
|||
// the action to dispatch if a user doesn't have sufficient privileges
|
||||
private $_authController = array('module'=>'','controller' => 'account',
|
||||
'action' => 'login');
|
||||
|
||||
public function __construct(Zend_Auth $auth)
|
||||
{
|
||||
$this->db=Zend_Registry::get('db');
|
||||
|
@ -21,11 +22,13 @@
|
|||
$this->acl->add(new Zend_Acl_Resource('water'));
|
||||
$this->acl->add(new Zend_Acl_Resource('admin'));
|
||||
$this->acl->add(new Zend_Acl_Resource('upload'));
|
||||
$this->acl->add(new Zend_Acl_Resource('author'));
|
||||
// allow access to everything for all users by default
|
||||
// except for the account management and administration areas
|
||||
$this->acl->allow();
|
||||
$this->acl->deny(null, 'account');
|
||||
$this->acl->deny(null, 'admin');
|
||||
$this->acl->deny(null, 'author');
|
||||
// add an exception so guests can log in or register
|
||||
// in order to gain privilege
|
||||
$this->acl->allow('guest', 'account', array('login',
|
||||
|
@ -34,8 +37,11 @@
|
|||
'registercomplete'));
|
||||
$this->acl->deny('guest','data',array('download','order'));
|
||||
$this->acl->deny('guest','water',array('download','order'));
|
||||
|
||||
// allow members access to the account management area
|
||||
$this->acl->allow('guest','author',array('index'));
|
||||
$this->acl->allow('member', 'account');
|
||||
$this->acl->allow('member', 'author');
|
||||
// allows administrators access to the admin area
|
||||
$this->acl->allow('administrator', 'admin');
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue