protected function execute($rule)
{
if (isset($rule['deny'])) {
if ($rule['deny'] == '*') {
$this->halt();
}
if (array_intersect(User::current()->getRoles(), preg_split('/\\s*,\\s*/', $rule['deny']))) {
$this->halt();
}
}
if (isset($rule['allow'])) {
if ($rule['allow'] == '*') {
return true;
}
if (array_intersect(User::current()->getRoles(), preg_split('/\\s*,\\s*/', $rule['allow']))) {
return true;
}
// 如果设置了allow,但是当前登录用户又没有包括这些角色,就不允许访问
$this->halt();
}
// 返回false会继续检查上一级rule
return false;
}
public function get()
{
return render_view('user', array('user' => \Model\User::current()));
}
<?php
$links = array('<a href="/user">User Page</a>', '<a href="/admin">Admin Page</a>');
$links[] = \Model\User::current()->hasRole('anonymous') ? '<a href="/login">Login</a>' : '<a href="/logout">Logout</a>';
?>
<div id="header"><?php
echo implode(' / ', $links);
?>
</div>
<?php
$user = \Model\User::current();
$is_anonymous = $user->hasRole(ROLE_ANONYMOUS);
?>
<?php
$this->extend('_layout');
?>
<?php
$this->block('main');
?>
<p>状态:<?php
echo $is_anonymous ? '未登录' : '已登录';
?>
</p>
<p>角色:<?php
echo ($roles = $user->getRoles()) ? implode(', ', $roles) : '无角色';
?>
</p>
<ul>
<?php
if ($is_anonymous) {
?>
<li><a href="/login">登录</a></li>
<?php
}
?>
