統計
| ブランチ: | リビジョン:

pictcode / lib / Cake / Controller / Component / Acl / DbAcl.php @ 9d2f0219

履歴 | 表示 | アノテート | ダウンロード (5.073 KB)

1
<?php
2
/**
3
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
4
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
5
 *
6
 * Licensed under The MIT License
7
 * For full copyright and license information, please see the LICENSE.txt
8
 * Redistributions of files must retain the above copyright notice.
9
 *
10
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
11
 * @link          http://cakephp.org CakePHP(tm) Project
12
 * @package       Cake.Controller.Component.Acl
13
 * @since         CakePHP(tm) v 0.10.0.1076
14
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
15
 */
16

    
17
App::uses('AclInterface', 'Controller/Component/Acl');
18
App::uses('Hash', 'Utility');
19
App::uses('ClassRegistry', 'Utility');
20

    
21
/**
22
 * DbAcl implements an ACL control system in the database. ARO's and ACO's are
23
 * structured into trees and a linking table is used to define permissions. You
24
 * can install the schema for DbAcl with the Schema Shell.
25
 *
26
 * `$aco` and `$aro` parameters can be slash delimited paths to tree nodes.
27
 *
28
 * eg. `controllers/Users/edit`
29
 *
30
 * Would point to a tree structure like
31
 *
32
 * ```
33
 *        controllers
34
 *                Users
35
 *                        edit
36
 * ```
37
 *
38
 * @package       Cake.Controller.Component.Acl
39
 */
40
class DbAcl extends Object implements AclInterface {
41

    
42
/**
43
 * Constructor
44
 */
45
        public function __construct() {
46
                parent::__construct();
47
                $this->Permission = ClassRegistry::init(array('class' => 'Permission', 'alias' => 'Permission'));
48
                $this->Aro = $this->Permission->Aro;
49
                $this->Aco = $this->Permission->Aco;
50
        }
51

    
52
/**
53
 * Initializes the containing component and sets the Aro/Aco objects to it.
54
 *
55
 * @param AclComponent $component The AclComponent instance.
56
 * @return void
57
 */
58
        public function initialize(Component $component) {
59
                $component->Aro = $this->Aro;
60
                $component->Aco = $this->Aco;
61
        }
62

    
63
/**
64
 * Checks if the given $aro has access to action $action in $aco
65
 *
66
 * @param string $aro ARO The requesting object identifier.
67
 * @param string $aco ACO The controlled object identifier.
68
 * @param string $action Action (defaults to *)
69
 * @return bool Success (true if ARO has access to action in ACO, false otherwise)
70
 * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#checking-permissions-the-acl-component
71
 */
72
        public function check($aro, $aco, $action = "*") {
73
                return $this->Permission->check($aro, $aco, $action);
74
        }
75

    
76
/**
77
 * Allow $aro to have access to action $actions in $aco
78
 *
79
 * @param string $aro ARO The requesting object identifier.
80
 * @param string $aco ACO The controlled object identifier.
81
 * @param string $actions Action (defaults to *)
82
 * @param int $value Value to indicate access type (1 to give access, -1 to deny, 0 to inherit)
83
 * @return bool Success
84
 * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#assigning-permissions
85
 */
86
        public function allow($aro, $aco, $actions = "*", $value = 1) {
87
                return $this->Permission->allow($aro, $aco, $actions, $value);
88
        }
89

    
90
/**
91
 * Deny access for $aro to action $action in $aco
92
 *
93
 * @param string $aro ARO The requesting object identifier.
94
 * @param string $aco ACO The controlled object identifier.
95
 * @param string $action Action (defaults to *)
96
 * @return bool Success
97
 * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html#assigning-permissions
98
 */
99
        public function deny($aro, $aco, $action = "*") {
100
                return $this->allow($aro, $aco, $action, -1);
101
        }
102

    
103
/**
104
 * Let access for $aro to action $action in $aco be inherited
105
 *
106
 * @param string $aro ARO The requesting object identifier.
107
 * @param string $aco ACO The controlled object identifier.
108
 * @param string $action Action (defaults to *)
109
 * @return bool Success
110
 */
111
        public function inherit($aro, $aco, $action = "*") {
112
                return $this->allow($aro, $aco, $action, 0);
113
        }
114

    
115
/**
116
 * Allow $aro to have access to action $actions in $aco
117
 *
118
 * @param string $aro ARO The requesting object identifier.
119
 * @param string $aco ACO The controlled object identifier.
120
 * @param string $action Action (defaults to *)
121
 * @return bool Success
122
 * @see allow()
123
 */
124
        public function grant($aro, $aco, $action = "*") {
125
                return $this->allow($aro, $aco, $action);
126
        }
127

    
128
/**
129
 * Deny access for $aro to action $action in $aco
130
 *
131
 * @param string $aro ARO The requesting object identifier.
132
 * @param string $aco ACO The controlled object identifier.
133
 * @param string $action Action (defaults to *)
134
 * @return bool Success
135
 * @see deny()
136
 */
137
        public function revoke($aro, $aco, $action = "*") {
138
                return $this->deny($aro, $aco, $action);
139
        }
140

    
141
/**
142
 * Get an array of access-control links between the given Aro and Aco
143
 *
144
 * @param string $aro ARO The requesting object identifier.
145
 * @param string $aco ACO The controlled object identifier.
146
 * @return array Indexed array with: 'aro', 'aco' and 'link'
147
 */
148
        public function getAclLink($aro, $aco) {
149
                return $this->Permission->getAclLink($aro, $aco);
150
        }
151

    
152
/**
153
 * Get the keys used in an ACO
154
 *
155
 * @param array $keys Permission model info
156
 * @return array ACO keys
157
 */
158
        protected function _getAcoKeys($keys) {
159
                return $this->Permission->getAcoKeys($keys);
160
        }
161

    
162
}