权限设计使用的是按位与或、取反等运算完成~ 如果你懂二进制,那么这一切都将很简单~
下面代码使用了接口进行定义封装,主要是这样处理起来更加优雅~ 更方便日后进行代码移植
<?php
/**
* 用户接口
* @author edwardhey
*
*/
interface Acl_User{
/**
* 获取访问 $res 资源的权限,如果用户有多个权限组都有对 $res 的访问权限,将会对权限进行合并,然后输出
* @param Acl_Resource $res
* @return int
*/
public function getAccess(Acl_Resource $res);
/**
* 设置对 $res 的访问权限
* @param Acl_Resource $res
* @param int $access
* @return int
*/
public function setAccess(Acl_Resource $res,$access);
}
/**
*
* 资源接口
* @author edwardhey
*
*/
interface Acl_Resource{
public function getName();
}
class Resource implements Acl_Resource{
public function checkValid(Acl_User $role,$access){
$access = (int)$access&0xffff;//防止非法权限值
if(!$access) return false;
$bindAccess = $role->getAccess($this);
return ($bindAccess&$access)==$access;
}
public function getName(){
return 'test';
}
}
class User implements Acl_User{
protected $access = array();
public function getAccess(Acl_Resource $res){
$name = $res->getName();
if(!isset($this->access[$name])){
return 0;
}else{
return $this->access[$name];
}
}
public function setAccess(Acl_Resource $res,$access){
$name = $res->getName();
if(!isset($this->access[$name])){
$bindAccess = 0;
}else{
$bindAccess = $this->access[$name];
}
$access = (int)$access&0xffff;//防止非法权限值
$bindAccess |= $access;
$this->access[$name] = $bindAccess;
}
}
$res = new Resource();
$user = new User();
$user->setAccess($res, 0xffff);
var_dump($res->checkValid($user, 88));
/**
* 用户接口
* @author edwardhey
*
*/
interface Acl_User{
/**
* 获取访问 $res 资源的权限,如果用户有多个权限组都有对 $res 的访问权限,将会对权限进行合并,然后输出
* @param Acl_Resource $res
* @return int
*/
public function getAccess(Acl_Resource $res);
/**
* 设置对 $res 的访问权限
* @param Acl_Resource $res
* @param int $access
* @return int
*/
public function setAccess(Acl_Resource $res,$access);
}
/**
*
* 资源接口
* @author edwardhey
*
*/
interface Acl_Resource{
public function getName();
}
class Resource implements Acl_Resource{
public function checkValid(Acl_User $role,$access){
$access = (int)$access&0xffff;//防止非法权限值
if(!$access) return false;
$bindAccess = $role->getAccess($this);
return ($bindAccess&$access)==$access;
}
public function getName(){
return 'test';
}
}
class User implements Acl_User{
protected $access = array();
public function getAccess(Acl_Resource $res){
$name = $res->getName();
if(!isset($this->access[$name])){
return 0;
}else{
return $this->access[$name];
}
}
public function setAccess(Acl_Resource $res,$access){
$name = $res->getName();
if(!isset($this->access[$name])){
$bindAccess = 0;
}else{
$bindAccess = $this->access[$name];
}
$access = (int)$access&0xffff;//防止非法权限值
$bindAccess |= $access;
$this->access[$name] = $bindAccess;
}
}
$res = new Resource();
$user = new User();
$user->setAccess($res, 0xffff);
var_dump($res->checkValid($user, 88));
