ZF2 Integrating BjyAuthorize with Zend\Navigation

Question

I have a problem with integration BjyAuthorize and Zend navigation and don't know how to resolve them. I try this manual and everything works fine. But I expected when I define guards in bjyauthorize.config and after that, there will be reflection between my navigation and guard configuration (denied controllers or routes does not display navigation items). My problem is that navigation items are still displayed, but sections are correctly protected. Is there any way, how to reflect guards into navigation? My view helper config in Module.php

My Application/Module.php view helper configuration:

'mainMenu' => function($sm){
                $nav = $sm->get('navigation')->menu();
                $serviceLocator = $sm->getServiceLocator();
                $acl = $serviceLocator->get('BjyAuthorize\Service\Authorize')->getAcl();
                $role = $serviceLocator->get('BjyAuthorize\Service\Authorize')->getIdentity();
                $nav->setAcl($acl);
                $nav->setRole($role); // Todo replace
                $nav->setUseAcl();
                return $nav->setUlClass('nav')->setTranslatorTextDomain(__NAMESPACE__); 
            }

My guard configuration in bjyauthorize.global.php

'guards' => array(
    'BjyAuthorize\Guard\Controller' => array(
        array('controller' => 'Article\Controller\Article', 'roles' => array('user')),
),

And My navigation.global.php

return array(
    'navigation' => array(
       'default' => array(
           'articles' => array(
                'label' => 'Articles',
                'route' => 'articles',
            ),
        ),
    ));

I try to change routes configuration to module/controller/action and still does not work.

score 6 · Answer 1 · answered Aug 19 '13 at 03:34

To help out anyone that is attempting this using BjyAuthorize\Guard\Route...

You will need to prefix your route name with route/ and use that for the resource value.

If your config has a guard like this...

'guards' => array(
    'BjyAuthorize\Guard\Route' => array(
         array('route' => 'zfcadmin/zfcuseradmin/list', 'roles' => array('admin')),
     )
);

You would define something like this for your navigation

'navigation' => array(
    'default' => array(
        'admin' => array(
            'label' => 'Admin',
            'route' => 'zfcadmin',
            'pages' => array(
                'users' => array(
                    'resource' => 'route/zfcadmin/zfcuseradmin/list', // route resource ;)
                    'label' => 'Users',
                    'route' => 'zfcadmin/zfcuseradmin/list',
                ),
            ),
        ),
    ),
),

You can set the default ACL and Role by placing this in your onBootstrap method of your module.

$sm   = $e->getApplication()->getServiceManager();
$auth = $sm->get('BjyAuthorize\Service\Authorize');

$acl  = $auth->getAcl();
$role = $auth->getIdentity();
\Zend\View\Helper\Navigation::setDefaultAcl($acl);
\Zend\View\Helper\Navigation::setDefaultRole($role);

I hope this helps somebody out there.

Hi, this works pretty well. But how do you check if a user is authenticated or not? The method hasIdentity() does not exists... — cwhisperer, Mar 20 '14 at 07:49
@cwhisperer BjyAuthorize is for [authorization NOT authentication](http://stackoverflow.com/questions/6556522/authentication-versus-authorization). The [ZfcUser Module](https://github.com/ZF-Commons/ZfcUser) makes use of `Zend\Authentication\AuthenticationService` which has the `hasIdentity()` method that you are looking for. — moranjk, Mar 20 '14 at 13:55
You are right, thx... One more question in this context: In a view I can use $this->isAllowed('route/xyz'),how do I use the helper isAllowed() in a view Helper? — cwhisperer, Mar 24 '14 at 13:12
I'm not the expert in this matter, but you should be able to call `$this->getView()->isAllowed('route/xyz')` inside another view helper. I'm not sure why you would need to do that, but I'm not here to judge ;) — moranjk, Mar 24 '14 at 18:59

griesi · Accepted Answer · 2012-12-11T12:34:59.030

5

You did not specify the resource within your navigation configuration. Also make sure if $role matches bjyauthorize-identity

'navigation' => array(
  'default' => array(
     array(
       'label' => 'Registration',
   'resource'   => 'controller/cebEvent.registrationController:add',
   'route' => 'registration/add',
     ),
  ),
),

The specified resource must match your guard configuration:

'guards' => array(
    'BjyAuthorize\Guard\Controller' => array(
        array('controller' => 'cebEvent.registrationController','action' => 'add', 'roles' => array('guest','registration_manage')),
    ),
 ),

edited Dec 11 '12 at 12:34

answered Dec 11 '12 at 12:21

griesi

370
3
12

Thank You for advice, you are right. Problem was in I don't specify resource. – user1893983 Dec 11 '12 at 12:39

score 0 · Answer 3 · answered Jun 07 '13 at 08:48

Can you post an usage example for using Guard\Route instead of Controller? My example route for this case:

'guards' => array(
    'BjyAuthorize\Guard\Route' => array(
        array('route' => 'zfcadmin/sap-targetvalue/index', 'roles' => array('guest', 'user')),
        array('route' => 'zfcadmin/sap-targetvalue/create', 'roles' => array('user')),
    )
);

score 0 · Answer 4 · answered Jan 14 '16 at 15:23

As griesi mentioned you just need to specify the resource in your navigation config.

In his example he stated this Controller & action as resource

controller/cebEvent.registrationController:add

I just want to add that this version also works (in this case without the action)

'resource' => 'controller/Game\Controller\List'

Maybe it's helpfull for someone. I thought this will never work because it looks so terribly wrong ;)

ZF2 Integrating BjyAuthorize with Zend\Navigation

4 Answers4