pictcode / lib / Cake / Controller / Component / AclComponent.php @ master
履歴 | 表示 | アノテート | ダウンロード (6.512 KB)
1 |
<?php
|
---|---|
2 |
/**
|
3 |
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
4 |
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
5 |
*
|
6 |
* Licensed under The MIT License
|
7 |
* For full copyright and license information, please see the LICENSE.txt
|
8 |
* Redistributions of files must retain the above copyright notice.
|
9 |
*
|
10 |
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
11 |
* @link http://cakephp.org CakePHP(tm) Project
|
12 |
* @package Cake.Controller.Component
|
13 |
* @since CakePHP(tm) v 0.10.0.1076
|
14 |
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
15 |
*/
|
16 |
|
17 |
App::uses('Component', 'Controller'); |
18 |
App::uses('AclInterface', 'Controller/Component/Acl'); |
19 |
|
20 |
/**
|
21 |
* Access Control List factory class.
|
22 |
*
|
23 |
* Uses a strategy pattern to allow custom ACL implementations to be used with the same component interface.
|
24 |
* You can define by changing `Configure::write('Acl.classname', 'DbAcl');` in your core.php. The adapter
|
25 |
* you specify must implement `AclInterface`
|
26 |
*
|
27 |
* @package Cake.Controller.Component
|
28 |
* @link http://book.cakephp.org/2.0/en/core-libraries/components/access-control-lists.html
|
29 |
*/
|
30 |
class AclComponent extends Component { |
31 |
|
32 |
/**
|
33 |
* Instance of an ACL class
|
34 |
*
|
35 |
* @var AclInterface
|
36 |
*/
|
37 |
protected $_Instance = null; |
38 |
|
39 |
/**
|
40 |
* Aro object.
|
41 |
*
|
42 |
* @var string
|
43 |
*/
|
44 |
public $Aro; |
45 |
|
46 |
/**
|
47 |
* Aco object
|
48 |
*
|
49 |
* @var string
|
50 |
*/
|
51 |
public $Aco; |
52 |
|
53 |
/**
|
54 |
* Constructor. Will return an instance of the correct ACL class as defined in `Configure::read('Acl.classname')`
|
55 |
*
|
56 |
* @param ComponentCollection $collection Collection instance.
|
57 |
* @param array $settings Settings list.
|
58 |
* @throws CakeException when Acl.classname could not be loaded.
|
59 |
*/
|
60 |
public function __construct(ComponentCollection $collection, $settings = array()) { |
61 |
parent::__construct($collection, $settings); |
62 |
$name = Configure::read('Acl.classname'); |
63 |
if (!class_exists($name)) { |
64 |
list($plugin, $name) = pluginSplit($name, true); |
65 |
App::uses($name, $plugin . 'Controller/Component/Acl'); |
66 |
if (!class_exists($name)) { |
67 |
throw new CakeException(__d('cake_dev', 'Could not find %s.', $name)); |
68 |
} |
69 |
} |
70 |
$this->adapter($name); |
71 |
} |
72 |
|
73 |
/**
|
74 |
* Sets or gets the Adapter object currently in the AclComponent.
|
75 |
*
|
76 |
* `$this->Acl->adapter();` will get the current adapter class while
|
77 |
* `$this->Acl->adapter($obj);` will set the adapter class
|
78 |
*
|
79 |
* Will call the initialize method on the adapter if setting a new one.
|
80 |
*
|
81 |
* @param AclInterface|string $adapter Instance of AclInterface or a string name of the class to use. (optional)
|
82 |
* @return AclInterface|null Either null, or the adapter implementation.
|
83 |
* @throws CakeException when the given class is not an instance of AclInterface
|
84 |
*/
|
85 |
public function adapter($adapter = null) { |
86 |
if ($adapter) { |
87 |
if (is_string($adapter)) { |
88 |
$adapter = new $adapter(); |
89 |
} |
90 |
if (!$adapter instanceof AclInterface) { |
91 |
throw new CakeException(__d('cake_dev', 'AclComponent adapters must implement AclInterface')); |
92 |
} |
93 |
$this->_Instance = $adapter; |
94 |
$this->_Instance->initialize($this); |
95 |
return null; |
96 |
} |
97 |
return $this->_Instance; |
98 |
} |
99 |
|
100 |
/**
|
101 |
* Pass-thru function for ACL check instance. Check methods
|
102 |
* are used to check whether or not an ARO can access an ACO
|
103 |
*
|
104 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
105 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
106 |
* @param string $action Action (defaults to *)
|
107 |
* @return bool Success
|
108 |
*/
|
109 |
public function check($aro, $aco, $action = "*") { |
110 |
return $this->_Instance->check($aro, $aco, $action); |
111 |
} |
112 |
|
113 |
/**
|
114 |
* Pass-thru function for ACL allow instance. Allow methods
|
115 |
* are used to grant an ARO access to an ACO.
|
116 |
*
|
117 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
118 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
119 |
* @param string $action Action (defaults to *)
|
120 |
* @return bool Success
|
121 |
*/
|
122 |
public function allow($aro, $aco, $action = "*") { |
123 |
return $this->_Instance->allow($aro, $aco, $action); |
124 |
} |
125 |
|
126 |
/**
|
127 |
* Pass-thru function for ACL deny instance. Deny methods
|
128 |
* are used to remove permission from an ARO to access an ACO.
|
129 |
*
|
130 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
131 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
132 |
* @param string $action Action (defaults to *)
|
133 |
* @return bool Success
|
134 |
*/
|
135 |
public function deny($aro, $aco, $action = "*") { |
136 |
return $this->_Instance->deny($aro, $aco, $action); |
137 |
} |
138 |
|
139 |
/**
|
140 |
* Pass-thru function for ACL inherit instance. Inherit methods
|
141 |
* modify the permission for an ARO to be that of its parent object.
|
142 |
*
|
143 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
144 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
145 |
* @param string $action Action (defaults to *)
|
146 |
* @return bool Success
|
147 |
*/
|
148 |
public function inherit($aro, $aco, $action = "*") { |
149 |
return $this->_Instance->inherit($aro, $aco, $action); |
150 |
} |
151 |
|
152 |
/**
|
153 |
* Pass-thru function for ACL grant instance. An alias for AclComponent::allow()
|
154 |
*
|
155 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
156 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
157 |
* @param string $action Action (defaults to *)
|
158 |
* @return bool Success
|
159 |
* @deprecated 3.0.0 Will be removed in 3.0.
|
160 |
*/
|
161 |
public function grant($aro, $aco, $action = "*") { |
162 |
trigger_error(__d('cake_dev', '%s is deprecated, use %s instead', 'AclComponent::grant()', 'allow()'), E_USER_WARNING); |
163 |
return $this->_Instance->allow($aro, $aco, $action); |
164 |
} |
165 |
|
166 |
/**
|
167 |
* Pass-thru function for ACL grant instance. An alias for AclComponent::deny()
|
168 |
*
|
169 |
* @param array|string|Model $aro ARO The requesting object identifier. See `AclNode::node()` for possible formats
|
170 |
* @param array|string|Model $aco ACO The controlled object identifier. See `AclNode::node()` for possible formats
|
171 |
* @param string $action Action (defaults to *)
|
172 |
* @return bool Success
|
173 |
* @deprecated 3.0.0 Will be removed in 3.0.
|
174 |
*/
|
175 |
public function revoke($aro, $aco, $action = "*") { |
176 |
trigger_error(__d('cake_dev', '%s is deprecated, use %s instead', 'AclComponent::revoke()', 'deny()'), E_USER_WARNING); |
177 |
return $this->_Instance->deny($aro, $aco, $action); |
178 |
} |
179 |
|
180 |
} |