pictcode / lib / Cake / Controller / Component / Auth / BaseAuthorize.php @ 26d1f852
履歴 | 表示 | アノテート | ダウンロード (4.965 KB)
1 |
<?php
|
---|---|
2 |
/**
|
3 |
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
4 |
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
5 |
*
|
6 |
* Licensed under The MIT License
|
7 |
* For full copyright and license information, please see the LICENSE.txt
|
8 |
* Redistributions of files must retain the above copyright notice.
|
9 |
*
|
10 |
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
11 |
* @link http://cakephp.org CakePHP(tm) Project
|
12 |
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
13 |
*/
|
14 |
|
15 |
App::uses('Hash', 'Utility'); |
16 |
|
17 |
/**
|
18 |
* Abstract base authorization adapter for AuthComponent.
|
19 |
*
|
20 |
* @package Cake.Controller.Component.Auth
|
21 |
* @since 2.0
|
22 |
* @see AuthComponent::$authenticate
|
23 |
*/
|
24 |
abstract class BaseAuthorize { |
25 |
|
26 |
/**
|
27 |
* Controller for the request.
|
28 |
*
|
29 |
* @var Controller
|
30 |
*/
|
31 |
protected $_Controller = null; |
32 |
|
33 |
/**
|
34 |
* Component collection instance for getting more components.
|
35 |
*
|
36 |
* @var ComponentCollection
|
37 |
*/
|
38 |
protected $_Collection; |
39 |
|
40 |
/**
|
41 |
* Settings for authorize objects.
|
42 |
*
|
43 |
* - `actionPath` - The path to ACO nodes that contains the nodes for controllers. Used as a prefix
|
44 |
* when calling $this->action();
|
45 |
* - `actionMap` - Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
|
46 |
* - `userModel` - Model name that ARO records can be found under. Defaults to 'User'.
|
47 |
*
|
48 |
* @var array
|
49 |
*/
|
50 |
public $settings = array( |
51 |
'actionPath' => null, |
52 |
'actionMap' => array( |
53 |
'index' => 'read', |
54 |
'add' => 'create', |
55 |
'edit' => 'update', |
56 |
'view' => 'read', |
57 |
'delete' => 'delete', |
58 |
'remove' => 'delete' |
59 |
), |
60 |
'userModel' => 'User' |
61 |
); |
62 |
|
63 |
/**
|
64 |
* Constructor
|
65 |
*
|
66 |
* @param ComponentCollection $collection The controller for this request.
|
67 |
* @param string $settings An array of settings. This class does not use any settings.
|
68 |
*/
|
69 |
public function __construct(ComponentCollection $collection, $settings = array()) { |
70 |
$this->_Collection = $collection; |
71 |
$controller = $collection->getController(); |
72 |
$this->controller($controller); |
73 |
$this->settings = Hash::merge($this->settings, $settings); |
74 |
} |
75 |
|
76 |
/**
|
77 |
* Checks user authorization.
|
78 |
*
|
79 |
* @param array $user Active user data
|
80 |
* @param CakeRequest $request Request instance.
|
81 |
* @return bool
|
82 |
*/
|
83 |
abstract public function authorize($user, CakeRequest $request); |
84 |
|
85 |
/**
|
86 |
* Accessor to the controller object.
|
87 |
*
|
88 |
* @param Controller $controller null to get, a controller to set.
|
89 |
* @return mixed
|
90 |
* @throws CakeException
|
91 |
*/
|
92 |
public function controller(Controller $controller = null) { |
93 |
if ($controller) { |
94 |
if (!$controller instanceof Controller) { |
95 |
throw new CakeException(__d('cake_dev', '$controller needs to be an instance of Controller')); |
96 |
} |
97 |
$this->_Controller = $controller; |
98 |
return true; |
99 |
} |
100 |
return $this->_Controller; |
101 |
} |
102 |
|
103 |
/**
|
104 |
* Get the action path for a given request. Primarily used by authorize objects
|
105 |
* that need to get information about the plugin, controller, and action being invoked.
|
106 |
*
|
107 |
* @param CakeRequest $request The request a path is needed for.
|
108 |
* @param string $path Path format.
|
109 |
* @return string the action path for the given request.
|
110 |
*/
|
111 |
public function action(CakeRequest $request, $path = '/:plugin/:controller/:action') { |
112 |
$plugin = empty($request['plugin']) ? null : Inflector::camelize($request['plugin']) . '/'; |
113 |
$path = str_replace( |
114 |
array(':controller', ':action', ':plugin/'), |
115 |
array(Inflector::camelize($request['controller']), $request['action'], $plugin), |
116 |
$this->settings['actionPath'] . $path |
117 |
); |
118 |
$path = str_replace('//', '/', $path); |
119 |
return trim($path, '/'); |
120 |
} |
121 |
|
122 |
/**
|
123 |
* Maps crud actions to actual action names. Used to modify or get the current mapped actions.
|
124 |
*
|
125 |
* Create additional mappings for a standard CRUD operation:
|
126 |
*
|
127 |
* ```
|
128 |
* $this->Auth->mapActions(array('create' => array('add', 'register'));
|
129 |
* ```
|
130 |
*
|
131 |
* Or equivalently:
|
132 |
*
|
133 |
* ```
|
134 |
* $this->Auth->mapActions(array('register' => 'create', 'add' => 'create'));
|
135 |
* ```
|
136 |
*
|
137 |
* Create mappings for custom CRUD operations:
|
138 |
*
|
139 |
* ```
|
140 |
* $this->Auth->mapActions(array('range' => 'search'));
|
141 |
* ```
|
142 |
*
|
143 |
* You can use the custom CRUD operations to create additional generic permissions
|
144 |
* that behave like CRUD operations. Doing this will require additional columns on the
|
145 |
* permissions lookup. For example if one wanted an additional search CRUD operation
|
146 |
* one would create and additional column '_search' in the aros_acos table. One could
|
147 |
* create a custom admin CRUD operation for administration functions similarly if needed.
|
148 |
*
|
149 |
* @param array $map Either an array of mappings, or undefined to get current values.
|
150 |
* @return mixed Either the current mappings or null when setting.
|
151 |
* @see AuthComponent::mapActions()
|
152 |
*/
|
153 |
public function mapActions($map = array()) { |
154 |
if (empty($map)) { |
155 |
return $this->settings['actionMap']; |
156 |
} |
157 |
foreach ($map as $action => $type) { |
158 |
if (is_array($type)) { |
159 |
foreach ($type as $typedAction) { |
160 |
$this->settings['actionMap'][$typedAction] = $action; |
161 |
} |
162 |
} else {
|
163 |
$this->settings['actionMap'][$action] = $type; |
164 |
} |
165 |
} |
166 |
} |
167 |
|
168 |
} |