pictcode / lib / Cake / Controller / Component / Auth / CrudAuthorize.php @ 304d523f
| 1 | 635eef61 | spyder1211 | <?php
 | 
      
|---|---|---|---|
| 2 | /**
 | 
      ||
| 3 |  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 | 
      ||
| 4 |  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
      ||
| 5 |  *
 | 
      ||
| 6 |  * Licensed under The MIT License
 | 
      ||
| 7 |  * For full copyright and license information, please see the LICENSE.txt
 | 
      ||
| 8 |  * Redistributions of files must retain the above copyright notice.
 | 
      ||
| 9 |  *
 | 
      ||
| 10 |  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
      ||
| 11 |  * @link          http://cakephp.org CakePHP(tm) Project
 | 
      ||
| 12 |  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 | 
      ||
| 13 |  */
 | 
      ||
| 14 | |||
| 15 | App::uses('BaseAuthorize', 'Controller/Component/Auth');  | 
      ||
| 16 | App::uses('Router', 'Routing');  | 
      ||
| 17 | |||
| 18 | /**
 | 
      ||
| 19 |  * An authorization adapter for AuthComponent. Provides the ability to authorize using CRUD mappings.
 | 
      ||
| 20 |  * CRUD mappings allow you to translate controller actions into *C*reate *R*ead *U*pdate *D*elete actions.
 | 
      ||
| 21 |  * This is then checked in the AclComponent as specific permissions.
 | 
      ||
| 22 |  *
 | 
      ||
| 23 |  * For example, taking `/posts/index` as the current request. The default mapping for `index`, is a `read` permission
 | 
      ||
| 24 |  * check. The Acl check would then be for the `posts` controller with the `read` permission. This allows you
 | 
      ||
| 25 |  * to create permission systems that focus more on what is being done to resources, rather than the specific actions
 | 
      ||
| 26 |  * being visited.
 | 
      ||
| 27 |  *
 | 
      ||
| 28 |  * @package       Cake.Controller.Component.Auth
 | 
      ||
| 29 |  * @since 2.0
 | 
      ||
| 30 |  * @see AuthComponent::$authenticate
 | 
      ||
| 31 |  * @see AclComponent::check()
 | 
      ||
| 32 |  */
 | 
      ||
class CrudAuthorize extends BaseAuthorize {

/**
 * Builds the adapter and then registers extra actionMap entries for the
 * configured `Routing.prefixes`.
 *
 * @param ComponentCollection $collection The component collection from the controller.
 * @param array $settings An array of settings. This class does not use any settings.
 */
	public function __construct(ComponentCollection $collection, $settings = array()) {
		parent::__construct($collection, $settings);
		$this->_setPrefixMappings();
	}

/**
 * Registers the CRUD mappings, including one set per routing prefix.
 *
 * The four CRUD verbs map to themselves. For each prefix returned by
 * Router::prefixes(), only the nine suffixes listed below are mapped. This
 * method adds no mapping for any other prefixed action; authorize() denies an
 * action that has no mapping, so such actions need an explicit mapping
 * (for example through mapActions()) before they can be authorized.
 *
 * @return void
 */
	protected function _setPrefixMappings() {
		// Identity mapping for the bare CRUD verbs.
		$map = array(
			'create' => 'create',
			'read' => 'read',
			'update' => 'update',
			'delete' => 'delete',
		);

		// Action suffix => CRUD permission, applied to every routing prefix.
		$suffixes = array(
			'index' => 'read',
			'add' => 'create',
			'edit' => 'update',
			'view' => 'read',
			'remove' => 'delete',
			'create' => 'create',
			'read' => 'read',
			'update' => 'update',
			'delete' => 'delete',
		);

		$prefixes = Router::prefixes();
		if (!empty($prefixes)) {
			foreach ($prefixes as $prefix) {
				foreach ($suffixes as $suffix => $permission) {
					$map[$prefix . '_' . $suffix] = $permission;
				}
			}
		}

		$this->mapActions($map);
	}

/**
 * Authorize a user using the mapped actions and the AclComponent.
 *
 * The decision fails closed: when the requested action has no entry in
 * `settings['actionMap']`, an E_USER_WARNING is raised and false is returned
 * without consulting the ACL. The action and controller names placed in that
 * warning are taken from the request.
 *
 * @param array $user The user to authorize
 * @param CakeRequest $request The request needing authorization.
 * @return bool Result of the Acl check, or false for an un-mapped action.
 */
	public function authorize($user, CakeRequest $request) {
		if (isset($this->settings['actionMap'][$request->params['action']])) {
			// Key the user data by the configured user model before handing it to the Acl component.
			$aro = array($this->settings['userModel'] => $user);
			$acl = $this->_Collection->load('Acl');
			// NOTE(review): presumably the controller-level ACO path; confirm against BaseAuthorize::action().
			$aco = $this->action($request, ':controller');
			$permission = $this->settings['actionMap'][$request->params['action']];

			return $acl->check($aro, $aco, $permission);
		}

		// No mapping for this action: warn and deny.
		$message = __d(
			'cake_dev',
			'CrudAuthorize::authorize() - Attempted access of un-mapped action "%1$s" in controller "%2$s"',
			$request->action,
			$request->controller
		);
		trigger_error($message, E_USER_WARNING);

		return false;
	}

}