pictcode / lib / Cake / Controller / Component / Auth / BaseAuthorize.php @ 635eef61
履歴 | 表示 | アノテート | ダウンロード (4.965 KB)
1 | 635eef61 | spyder1211 | <?php
|
---|---|---|---|
2 | /**
|
||
3 | * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||
4 | * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
5 | *
|
||
6 | * Licensed under The MIT License
|
||
7 | * For full copyright and license information, please see the LICENSE.txt
|
||
8 | * Redistributions of files must retain the above copyright notice.
|
||
9 | *
|
||
10 | * @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||
11 | * @link http://cakephp.org CakePHP(tm) Project
|
||
12 | * @license http://www.opensource.org/licenses/mit-license.php MIT License
|
||
13 | */
|
||
14 | |||
15 | App::uses('Hash', 'Utility'); |
||
16 | |||
17 | /**
|
||
18 | * Abstract base authorization adapter for AuthComponent.
|
||
19 | *
|
||
20 | * @package Cake.Controller.Component.Auth
|
||
21 | * @since 2.0
|
||
22 | * @see AuthComponent::$authenticate
|
||
23 | */
|
||
24 | abstract class BaseAuthorize { |
||
25 | |||
26 | /**
|
||
27 | * Controller for the request.
|
||
28 | *
|
||
29 | * @var Controller
|
||
30 | */
|
||
31 | protected $_Controller = null; |
||
32 | |||
33 | /**
|
||
34 | * Component collection instance for getting more components.
|
||
35 | *
|
||
36 | * @var ComponentCollection
|
||
37 | */
|
||
38 | protected $_Collection; |
||
39 | |||
40 | /**
|
||
41 | * Settings for authorize objects.
|
||
42 | *
|
||
43 | * - `actionPath` - The path to ACO nodes that contains the nodes for controllers. Used as a prefix
|
||
44 | * when calling $this->action();
|
||
45 | * - `actionMap` - Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
|
||
46 | * - `userModel` - Model name that ARO records can be found under. Defaults to 'User'.
|
||
47 | *
|
||
48 | * @var array
|
||
49 | */
|
||
50 | public $settings = array( |
||
51 | 'actionPath' => null, |
||
52 | 'actionMap' => array( |
||
53 | 'index' => 'read', |
||
54 | 'add' => 'create', |
||
55 | 'edit' => 'update', |
||
56 | 'view' => 'read', |
||
57 | 'delete' => 'delete', |
||
58 | 'remove' => 'delete' |
||
59 | ), |
||
60 | 'userModel' => 'User' |
||
61 | ); |
||
62 | |||
63 | /**
|
||
64 | * Constructor
|
||
65 | *
|
||
66 | * @param ComponentCollection $collection The controller for this request.
|
||
67 | * @param string $settings An array of settings. This class does not use any settings.
|
||
68 | */
|
||
69 | public function __construct(ComponentCollection $collection, $settings = array()) { |
||
70 | $this->_Collection = $collection; |
||
71 | $controller = $collection->getController(); |
||
72 | $this->controller($controller); |
||
73 | $this->settings = Hash::merge($this->settings, $settings); |
||
74 | } |
||
75 | |||
76 | /**
|
||
77 | * Checks user authorization.
|
||
78 | *
|
||
79 | * @param array $user Active user data
|
||
80 | * @param CakeRequest $request Request instance.
|
||
81 | * @return bool
|
||
82 | */
|
||
83 | abstract public function authorize($user, CakeRequest $request); |
||
84 | |||
85 | /**
|
||
86 | * Accessor to the controller object.
|
||
87 | *
|
||
88 | * @param Controller $controller null to get, a controller to set.
|
||
89 | * @return mixed
|
||
90 | * @throws CakeException
|
||
91 | */
|
||
92 | public function controller(Controller $controller = null) { |
||
93 | if ($controller) { |
||
94 | if (!$controller instanceof Controller) { |
||
95 | throw new CakeException(__d('cake_dev', '$controller needs to be an instance of Controller')); |
||
96 | } |
||
97 | $this->_Controller = $controller; |
||
98 | return true; |
||
99 | } |
||
100 | return $this->_Controller; |
||
101 | } |
||
102 | |||
103 | /**
|
||
104 | * Get the action path for a given request. Primarily used by authorize objects
|
||
105 | * that need to get information about the plugin, controller, and action being invoked.
|
||
106 | *
|
||
107 | * @param CakeRequest $request The request a path is needed for.
|
||
108 | * @param string $path Path format.
|
||
109 | * @return string the action path for the given request.
|
||
110 | */
|
||
111 | public function action(CakeRequest $request, $path = '/:plugin/:controller/:action') { |
||
112 | $plugin = empty($request['plugin']) ? null : Inflector::camelize($request['plugin']) . '/'; |
||
113 | $path = str_replace( |
||
114 | array(':controller', ':action', ':plugin/'), |
||
115 | array(Inflector::camelize($request['controller']), $request['action'], $plugin), |
||
116 | $this->settings['actionPath'] . $path |
||
117 | ); |
||
118 | $path = str_replace('//', '/', $path); |
||
119 | return trim($path, '/'); |
||
120 | } |
||
121 | |||
122 | /**
|
||
123 | * Maps crud actions to actual action names. Used to modify or get the current mapped actions.
|
||
124 | *
|
||
125 | * Create additional mappings for a standard CRUD operation:
|
||
126 | *
|
||
127 | * ```
|
||
128 | * $this->Auth->mapActions(array('create' => array('add', 'register'));
|
||
129 | * ```
|
||
130 | *
|
||
131 | * Or equivalently:
|
||
132 | *
|
||
133 | * ```
|
||
134 | * $this->Auth->mapActions(array('register' => 'create', 'add' => 'create'));
|
||
135 | * ```
|
||
136 | *
|
||
137 | * Create mappings for custom CRUD operations:
|
||
138 | *
|
||
139 | * ```
|
||
140 | * $this->Auth->mapActions(array('range' => 'search'));
|
||
141 | * ```
|
||
142 | *
|
||
143 | * You can use the custom CRUD operations to create additional generic permissions
|
||
144 | * that behave like CRUD operations. Doing this will require additional columns on the
|
||
145 | * permissions lookup. For example if one wanted an additional search CRUD operation
|
||
146 | * one would create and additional column '_search' in the aros_acos table. One could
|
||
147 | * create a custom admin CRUD operation for administration functions similarly if needed.
|
||
148 | *
|
||
149 | * @param array $map Either an array of mappings, or undefined to get current values.
|
||
150 | * @return mixed Either the current mappings or null when setting.
|
||
151 | * @see AuthComponent::mapActions()
|
||
152 | */
|
||
153 | public function mapActions($map = array()) { |
||
154 | if (empty($map)) { |
||
155 | return $this->settings['actionMap']; |
||
156 | } |
||
157 | foreach ($map as $action => $type) { |
||
158 | if (is_array($type)) { |
||
159 | foreach ($type as $typedAction) { |
||
160 | $this->settings['actionMap'][$typedAction] = $action; |
||
161 | } |
||
162 | } else {
|
||
163 | $this->settings['actionMap'][$action] = $type; |
||
164 | } |
||
165 | } |
||
166 | } |
||
167 | |||
168 | } |