統計
| ブランチ: | リビジョン:

pictcode / lib / Cake / Controller / Component / AclComponent.php @ 9d2f0219

履歴 | 表示 | アノテート | ダウンロード (6.512 KB)

1
<?php
2
/**
3
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
4
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
5
 *
6
 * Licensed under The MIT License
7
 * For full copyright and license information, please see the LICENSE.txt
8
 * Redistributions of files must retain the above copyright notice.
9
 *
10
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
11
 * @link          http://cakephp.org CakePHP(tm) Project
12
 * @package       Cake.Controller.Component
13
 * @since         CakePHP(tm) v 0.10.0.1076
14
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
15
 */
16

    
17
App::uses('Component', 'Controller');
18
App::uses('AclInterface', 'Controller/Component/Acl');
19

    
20
/**
21
 * Access Control List factory class.
22
 *
23
 * Uses a strategy pattern to allow custom ACL implementations to be used with the same component interface.
24
 * You can define by changing `Configure::write('Acl.classname', 'DbAcl');` in your core.php. The adapter
25
 * you specify must implement `AclInterface`
26
 *
27
 * @package       Cake.Controller.Component
28
 * @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html
29
 */
30
class AclComponent extends Component {
31

    
32
/**
33
 * Instance of an ACL class
34
 *
35
 * @var AclInterface
36
 */
37
        protected $_Instance = null;
38

    
39
/**
40
 * Aro object.
41
 *
42
 * @var string
43
 */
44
        public $Aro;
45

    
46
/**
47
 * Aco object
48
 *
49
 * @var string
50
 */
51
        public $Aco;
52

    
53
/**
54
 * Constructor. Will return an instance of the correct ACL class as defined in `Configure::read('Acl.classname')`
55
 *
56
 * @param ComponentCollection $collection Collection instance.
57
 * @param array $settings Settings list.
58
 * @throws CakeException when Acl.classname could not be loaded.
59
 */
60
        public function __construct(ComponentCollection $collection, $settings = array()) {
61
                parent::__construct($collection, $settings);
62
                $name = Configure::read('Acl.classname');
63
                if (!class_exists($name)) {
64
                        list($plugin, $name) = pluginSplit($name, true);
65
                        App::uses($name, $plugin . 'Controller/Component/Acl');
66
                        if (!class_exists($name)) {
67
                                throw new CakeException(__d('cake_dev', 'Could not find %s.', $name));
68
                        }
69
                }
70
                $this->adapter($name);
71
        }
72

    
73
/**
74
 * Sets or gets the Adapter object currently in the AclComponent.
75
 *
76
 * `$this->Acl->adapter();` will get the current adapter class while
77
 * `$this->Acl->adapter($obj);` will set the adapter class
78
 *
79
 * Will call the initialize method on the adapter if setting a new one.
80
 *
81
 * @param AclInterface|string $adapter Instance of AclInterface or a string name of the class to use. (optional)
82
 * @return AclInterface|null Either null, or the adapter implementation.
83
 * @throws CakeException when the given class is not an instance of AclInterface
84
 */
85
        public function adapter($adapter = null) {
86
                if ($adapter) {
87
                        if (is_string($adapter)) {
88
                                $adapter = new $adapter();
89
                        }
90
                        if (!$adapter instanceof AclInterface) {
91
                                throw new CakeException(__d('cake_dev', 'AclComponent adapters must implement AclInterface'));
92
                        }
93
                        $this->_Instance = $adapter;
94
                        $this->_Instance->initialize($this);
95
                        return null;
96
                }
97
                return $this->_Instance;
98
        }
99

    
100
/**
101
 * Pass-thru function for ACL check instance. Check methods
102
 * are used to check whether or not an ARO can access an ACO
103
 *
104
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
105
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
106
 * @param string $action Action (defaults to *)
107
 * @return bool Success
108
 */
109
        public function check($aro, $aco, $action = "*") {
110
                return $this->_Instance->check($aro, $aco, $action);
111
        }
112

    
113
/**
114
 * Pass-thru function for ACL allow instance. Allow methods
115
 * are used to grant an ARO access to an ACO.
116
 *
117
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
118
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
119
 * @param string $action Action (defaults to *)
120
 * @return bool Success
121
 */
122
        public function allow($aro, $aco, $action = "*") {
123
                return $this->_Instance->allow($aro, $aco, $action);
124
        }
125

    
126
/**
127
 * Pass-thru function for ACL deny instance. Deny methods
128
 * are used to remove permission from an ARO to access an ACO.
129
 *
130
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
131
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
132
 * @param string $action Action (defaults to *)
133
 * @return bool Success
134
 */
135
        public function deny($aro, $aco, $action = "*") {
136
                return $this->_Instance->deny($aro, $aco, $action);
137
        }
138

    
139
/**
140
 * Pass-thru function for ACL inherit instance. Inherit methods
141
 * modify the permission for an ARO to be that of its parent object.
142
 *
143
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
144
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
145
 * @param string $action Action (defaults to *)
146
 * @return bool Success
147
 */
148
        public function inherit($aro, $aco, $action = "*") {
149
                return $this->_Instance->inherit($aro, $aco, $action);
150
        }
151

    
152
/**
153
 * Pass-thru function for ACL grant instance. An alias for AclComponent::allow()
154
 *
155
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
156
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
157
 * @param string $action Action (defaults to *)
158
 * @return bool Success
159
 * @deprecated 3.0.0 Will be removed in 3.0.
160
 */
161
        public function grant($aro, $aco, $action = "*") {
162
                trigger_error(__d('cake_dev', '%s is deprecated, use %s instead', 'AclComponent::grant()', 'allow()'), E_USER_WARNING);
163
                return $this->_Instance->allow($aro, $aco, $action);
164
        }
165

    
166
/**
167
 * Pass-thru function for ACL grant instance. An alias for AclComponent::deny()
168
 *
169
 * @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
170
 * @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
171
 * @param string $action Action (defaults to *)
172
 * @return bool Success
173
 * @deprecated 3.0.0 Will be removed in 3.0.
174
 */
175
        public function revoke($aro, $aco, $action = "*") {
176
                trigger_error(__d('cake_dev', '%s is deprecated, use %s instead', 'AclComponent::revoke()', 'deny()'), E_USER_WARNING);
177
                return $this->_Instance->deny($aro, $aco, $action);
178
        }
179

    
180
}