統計
| ブランチ: | リビジョン:

pictcode / lib / Cake / Controller / Component / Auth / CrudAuthorize.php @ d37b000c

履歴 | 表示 | アノテート | ダウンロード (3.373 KB)

1 635eef61 spyder1211
<?php
2
/**
3
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
4
 * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
5
 *
6
 * Licensed under The MIT License
7
 * For full copyright and license information, please see the LICENSE.txt
8
 * Redistributions of files must retain the above copyright notice.
9
 *
10
 * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
11
 * @link          http://cakephp.org CakePHP(tm) Project
12
 * @license       http://www.opensource.org/licenses/mit-license.php MIT License
13
 */
14
15
App::uses('BaseAuthorize', 'Controller/Component/Auth');
16
App::uses('Router', 'Routing');
17
18
/**
19
 * An authorization adapter for AuthComponent. Provides the ability to authorize using CRUD mappings.
20
 * CRUD mappings allow you to translate controller actions into *C*reate *R*ead *U*pdate *D*elete actions.
21
 * This is then checked in the AclComponent as specific permissions.
22
 *
23
 * For example, taking `/posts/index` as the current request. The default mapping for `index`, is a `read` permission
24
 * check. The Acl check would then be for the `posts` controller with the `read` permission. This allows you
25
 * to create permission systems that focus more on what is being done to resources, rather than the specific actions
26
 * being visited.
27
 *
28
 * @package       Cake.Controller.Component.Auth
29
 * @since 2.0
30
 * @see AuthComponent::$authenticate
31
 * @see AclComponent::check()
32
 */
33
class CrudAuthorize extends BaseAuthorize {
34
35
/**
36
 * Sets up additional actionMap values that match the configured `Routing.prefixes`.
37
 *
38
 * @param ComponentCollection $collection The component collection from the controller.
39
 * @param string $settings An array of settings. This class does not use any settings.
40
 */
41
        public function __construct(ComponentCollection $collection, $settings = array()) {
42
                parent::__construct($collection, $settings);
43
                $this->_setPrefixMappings();
44
        }
45
46
/**
47
 * sets the crud mappings for prefix routes.
48
 *
49
 * @return void
50
 */
51
        protected function _setPrefixMappings() {
52
                $crud = array('create', 'read', 'update', 'delete');
53
                $map = array_combine($crud, $crud);
54
55
                $prefixes = Router::prefixes();
56
                if (!empty($prefixes)) {
57
                        foreach ($prefixes as $prefix) {
58
                                $map = array_merge($map, array(
59
                                        $prefix . '_index' => 'read',
60
                                        $prefix . '_add' => 'create',
61
                                        $prefix . '_edit' => 'update',
62
                                        $prefix . '_view' => 'read',
63
                                        $prefix . '_remove' => 'delete',
64
                                        $prefix . '_create' => 'create',
65
                                        $prefix . '_read' => 'read',
66
                                        $prefix . '_update' => 'update',
67
                                        $prefix . '_delete' => 'delete'
68
                                ));
69
                        }
70
                }
71
                $this->mapActions($map);
72
        }
73
74
/**
75
 * Authorize a user using the mapped actions and the AclComponent.
76
 *
77
 * @param array $user The user to authorize
78
 * @param CakeRequest $request The request needing authorization.
79
 * @return bool
80
 */
81
        public function authorize($user, CakeRequest $request) {
82
                if (!isset($this->settings['actionMap'][$request->params['action']])) {
83
                        trigger_error(__d('cake_dev',
84
                                'CrudAuthorize::authorize() - Attempted access of un-mapped action "%1$s" in controller "%2$s"',
85
                                $request->action,
86
                                $request->controller
87
                                ),
88
                                E_USER_WARNING
89
                        );
90
                        return false;
91
                }
92
                $user = array($this->settings['userModel'] => $user);
93
                $Acl = $this->_Collection->load('Acl');
94
                return $Acl->check(
95
                        $user,
96
                        $this->action($request, ':controller'),
97
                        $this->settings['actionMap'][$request->params['action']]
98
                );
99
        }
100
101
}