pictcode / lib / Cake / Controller / Component / Auth / CrudAuthorize.php @ master
| 1 | <?php
 | 
|---|---|
| 2 | /**
 | 
| 3 |  * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 | 
| 4 |  * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
| 5 |  *
 | 
| 6 |  * Licensed under The MIT License
 | 
| 7 |  * For full copyright and license information, please see the LICENSE.txt
 | 
| 8 |  * Redistributions of files must retain the above copyright notice.
 | 
| 9 |  *
 | 
| 10 |  * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
 | 
| 11 |  * @link          http://cakephp.org CakePHP(tm) Project
 | 
| 12 |  * @license       http://www.opensource.org/licenses/mit-license.php MIT License
 | 
| 13 |  */
 | 
| 14 |  | 
| 15 | App::uses('BaseAuthorize', 'Controller/Component/Auth'); | 
| 16 | App::uses('Router', 'Routing'); | 
| 17 |  | 
| 18 | /**
 | 
| 19 |  * An authorization adapter for AuthComponent. Provides the ability to authorize using CRUD mappings.
 | 
| 20 |  * CRUD mappings allow you to translate controller actions into *C*reate *R*ead *U*pdate *D*elete actions.
 | 
| 21 |  * This is then checked in the AclComponent as specific permissions.
 | 
| 22 |  *
 | 
| 23 |  * For example, taking `/posts/index` as the current request. The default mapping for `index`, is a `read` permission
 | 
| 24 |  * check. The Acl check would then be for the `posts` controller with the `read` permission. This allows you
 | 
| 25 |  * to create permission systems that focus more on what is being done to resources, rather than the specific actions
 | 
| 26 |  * being visited.
 | 
| 27 |  *
 | 
| 28 |  * @package       Cake.Controller.Component.Auth
 | 
| 29 |  * @since 2.0
 | 
| 30 |  * @see AuthComponent::$authenticate
 | 
| 31 |  * @see AclComponent::check()
 | 
| 32 |  */
 | 
class CrudAuthorize extends BaseAuthorize {

	/**
	 * Builds the adapter and then registers CRUD mappings for every configured routing prefix.
	 *
	 * @param ComponentCollection $collection The component collection from the controller.
	 * @param array $settings An array of settings, passed through unchanged to the parent constructor.
	 */
	public function __construct(ComponentCollection $collection, $settings = array()) {
		parent::__construct($collection, $settings);
		$this->_setPrefixMappings();
	}

	/**
	 * Registers the CRUD action map, including prefixed variants of the conventional actions.
	 *
	 * The four CRUD verbs always map to themselves. For each prefix returned by
	 * Router::prefixes(), nine `<prefix>_<action>` entries are added on top of that.
	 * Any action name that is not registered here (or through mapActions() elsewhere)
	 * is refused by authorize().
	 *
	 * @return void
	 */
	protected function _setPrefixMappings() {
		$verbs = array('create', 'read', 'update', 'delete');
		$map = array_combine($verbs, $verbs);

		$prefixes = Router::prefixes();
		if (empty($prefixes)) {
			// No prefix routing configured: only the identity mappings are registered.
			$this->mapActions($map);
			return;
		}

		// Action suffix => CRUD permission, applied once per routing prefix.
		$suffixes = array(
			'index' => 'read',
			'add' => 'create',
			'edit' => 'update',
			'view' => 'read',
			'remove' => 'delete',
			'create' => 'create',
			'read' => 'read',
			'update' => 'update',
			'delete' => 'delete'
		);
		foreach ($prefixes as $prefix) {
			foreach ($suffixes as $suffix => $permission) {
				$map[$prefix . '_' . $suffix] = $permission;
			}
		}
		$this->mapActions($map);
	}

	/**
	 * Authorizes a user by translating the requested action to a CRUD permission and asking the AclComponent.
	 *
	 * The check fails closed: an action with no entry in `settings['actionMap']` raises an
	 * E_USER_WARNING and is denied without consulting the ACL. The ACL lookup uses the
	 * `:controller` path template, so the permission is evaluated for the controller as a
	 * whole with the mapped CRUD permission, not for the individual action.
	 *
	 * @param array $user The user to authorize
	 * @param CakeRequest $request The request needing authorization.
	 * @return bool Result of AclComponent::check(), or false for an un-mapped action.
	 */
	public function authorize($user, CakeRequest $request) {
		if (isset($this->settings['actionMap'][$request->params['action']])) {
			// Requester is keyed by the configured user model before being handed to the ACL.
			$requester = array($this->settings['userModel'] => $user);
			$acl = $this->_Collection->load('Acl');
			$resource = $this->action($request, ':controller');
			$permission = $this->settings['actionMap'][$request->params['action']];
			return $acl->check($requester, $resource, $permission);
		}

		// Un-mapped action: warn the developer and deny.
		$message = __d('cake_dev',
			'CrudAuthorize::authorize() - Attempted access of un-mapped action "%1$s" in controller "%2$s"',
			$request->action,
			$request->controller
		);
		trigger_error($message, E_USER_WARNING);
		return false;
	}

}