pictcode / lib / Cake / Controller / Component / Acl / DbAcl.php @ 26d1f852
履歴 | 表示 | アノテート | ダウンロード (5.073 KB)
1 | 635eef61 | spyder1211 | <?php
|
---|---|---|---|
2 | /**
|
||
3 | * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||
4 | * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
5 | *
|
||
6 | * Licensed under The MIT License
|
||
7 | * For full copyright and license information, please see the LICENSE.txt
|
||
8 | * Redistributions of files must retain the above copyright notice.
|
||
9 | *
|
||
10 | * @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
11 | * @link http://cakephp.org CakePHP(tm) Project
|
||
12 | * @package Cake.Controller.Component.Acl
|
||
13 | * @since CakePHP(tm) v 0.10.0.1076
|
||
14 | * @license http://www.opensource.org/licenses/mit-license.php MIT License
|
||
15 | */
|
||
16 | |||
17 | App::uses('AclInterface', 'Controller/Component/Acl'); |
||
18 | App::uses('Hash', 'Utility'); |
||
19 | App::uses('ClassRegistry', 'Utility'); |
||
20 | |||
21 | /**
|
||
22 | * DbAcl implements an ACL control system in the database. ARO's and ACO's are
|
||
23 | * structured into trees and a linking table is used to define permissions. You
|
||
24 | * can install the schema for DbAcl with the Schema Shell.
|
||
25 | *
|
||
26 | * `$aco` and `$aro` parameters can be slash delimited paths to tree nodes.
|
||
27 | *
|
||
28 | * eg. `controllers/Users/edit`
|
||
29 | *
|
||
30 | * Would point to a tree structure like
|
||
31 | *
|
||
32 | * ```
|
||
33 | * controllers
|
||
34 | * Users
|
||
35 | * edit
|
||
36 | * ```
|
||
37 | *
|
||
38 | * @package Cake.Controller.Component.Acl
|
||
39 | */
|
||
40 | class DbAcl extends Object implements AclInterface { |
||
41 | |||
42 | /**
|
||
43 | * Constructor
|
||
44 | */
|
||
45 | public function __construct() { |
||
46 | parent::__construct();
|
||
47 | $this->Permission = ClassRegistry::init(array('class' => 'Permission', 'alias' => 'Permission')); |
||
48 | $this->Aro = $this->Permission->Aro; |
||
49 | $this->Aco = $this->Permission->Aco; |
||
50 | } |
||
51 | |||
52 | /**
|
||
53 | * Initializes the containing component and sets the Aro/Aco objects to it.
|
||
54 | *
|
||
55 | * @param AclComponent $component The AclComponent instance.
|
||
56 | * @return void
|
||
57 | */
|
||
58 | public function initialize(Component $component) { |
||
59 | $component->Aro = $this->Aro; |
||
60 | $component->Aco = $this->Aco; |
||
61 | } |
||
62 | |||
63 | /**
|
||
64 | * Checks if the given $aro has access to action $action in $aco
|
||
65 | *
|
||
66 | * @param string $aro ARO The requesting object identifier.
|
||
67 | * @param string $aco ACO The controlled object identifier.
|
||
68 | * @param string $action Action (defaults to *)
|
||
69 | * @return bool Success (true if ARO has access to action in ACO, false otherwise)
|
||
70 | * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#checking-permissions-the-acl-component
|
||
71 | */
|
||
72 | public function check($aro, $aco, $action = "*") { |
||
73 | return $this->Permission->check($aro, $aco, $action); |
||
74 | } |
||
75 | |||
76 | /**
|
||
77 | * Allow $aro to have access to action $actions in $aco
|
||
78 | *
|
||
79 | * @param string $aro ARO The requesting object identifier.
|
||
80 | * @param string $aco ACO The controlled object identifier.
|
||
81 | * @param string $actions Action (defaults to *)
|
||
82 | * @param int $value Value to indicate access type (1 to give access, -1 to deny, 0 to inherit)
|
||
83 | * @return bool Success
|
||
84 | * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#assigning-permissions
|
||
85 | */
|
||
86 | public function allow($aro, $aco, $actions = "*", $value = 1) { |
||
87 | return $this->Permission->allow($aro, $aco, $actions, $value); |
||
88 | } |
||
89 | |||
90 | /**
|
||
91 | * Deny access for $aro to action $action in $aco
|
||
92 | *
|
||
93 | * @param string $aro ARO The requesting object identifier.
|
||
94 | * @param string $aco ACO The controlled object identifier.
|
||
95 | * @param string $action Action (defaults to *)
|
||
96 | * @return bool Success
|
||
97 | * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#assigning-permissions
|
||
98 | */
|
||
99 | public function deny($aro, $aco, $action = "*") { |
||
100 | return $this->allow($aro, $aco, $action, -1); |
||
101 | } |
||
102 | |||
103 | /**
|
||
104 | * Let access for $aro to action $action in $aco be inherited
|
||
105 | *
|
||
106 | * @param string $aro ARO The requesting object identifier.
|
||
107 | * @param string $aco ACO The controlled object identifier.
|
||
108 | * @param string $action Action (defaults to *)
|
||
109 | * @return bool Success
|
||
110 | */
|
||
111 | public function inherit($aro, $aco, $action = "*") { |
||
112 | return $this->allow($aro, $aco, $action, 0); |
||
113 | } |
||
114 | |||
115 | /**
|
||
116 | * Allow $aro to have access to action $actions in $aco
|
||
117 | *
|
||
118 | * @param string $aro ARO The requesting object identifier.
|
||
119 | * @param string $aco ACO The controlled object identifier.
|
||
120 | * @param string $action Action (defaults to *)
|
||
121 | * @return bool Success
|
||
122 | * @see allow()
|
||
123 | */
|
||
124 | public function grant($aro, $aco, $action = "*") { |
||
125 | return $this->allow($aro, $aco, $action); |
||
126 | } |
||
127 | |||
128 | /**
|
||
129 | * Deny access for $aro to action $action in $aco
|
||
130 | *
|
||
131 | * @param string $aro ARO The requesting object identifier.
|
||
132 | * @param string $aco ACO The controlled object identifier.
|
||
133 | * @param string $action Action (defaults to *)
|
||
134 | * @return bool Success
|
||
135 | * @see deny()
|
||
136 | */
|
||
137 | public function revoke($aro, $aco, $action = "*") { |
||
138 | return $this->deny($aro, $aco, $action); |
||
139 | } |
||
140 | |||
141 | /**
|
||
142 | * Get an array of access-control links between the given Aro and Aco
|
||
143 | *
|
||
144 | * @param string $aro ARO The requesting object identifier.
|
||
145 | * @param string $aco ACO The controlled object identifier.
|
||
146 | * @return array Indexed array with: 'aro', 'aco' and 'link'
|
||
147 | */
|
||
148 | public function getAclLink($aro, $aco) { |
||
149 | return $this->Permission->getAclLink($aro, $aco); |
||
150 | } |
||
151 | |||
152 | /**
|
||
153 | * Get the keys used in an ACO
|
||
154 | *
|
||
155 | * @param array $keys Permission model info
|
||
156 | * @return array ACO keys
|
||
157 | */
|
||
158 | protected function _getAcoKeys($keys) { |
||
159 | return $this->Permission->getAcoKeys($keys); |
||
160 | } |
||
161 | |||
162 | } |