欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

CakePHP项目中引入Auth & Acl 控制

程序员文章站 2022-06-02 08:59:01
...
在此简单记录操作步骤,以备后期查阅。

一、引入auth /app/Controller/AppController.php

Php代码

class AppController extends Controller {  
    public $components = array(  
        'Acl',  
        'Auth' => array(  
            'authorize' => array(  
                'Actions' => array('actionPath' => 'controllers')  
            )  
        ),  
        'Session'  
    );  
    public $helpers = array('Html', 'Form', 'Session');  
  
    public function beforeFilter() {  
        //Configure AuthComponent  
        $this->Auth->loginAction = array(  
          'controller' => 'users',  
          'action' => 'login'  
        );  
        $this->Auth->logoutRedirect = array(  
          'controller' => 'users',  
          'action' => 'login'  
        );  
        $this->Auth->loginRedirect = array(  
          'controller' => 'posts',  
          'action' => 'add'  
        );  
    }  
}

二、生成acl表

Bash代码

./Console/cake schema create DbAcl

三、添加组及用户

设置Model文件 /app/Model/User.php

Php代码

class User extends AppModel {  
    public $belongsTo = array('Group');  
    public $actsAs = array('Acl' => array('type' => 'requester'));  
  
    public function parentNode() {  
        if (!$this->id && emptyempty($this->data)) {  
            return null;  
        }  
        if (isset($this->data['User']['group_id'])) {  
            $groupId = $this->data['User']['group_id'];  
        } else {  
            $groupId = $this->field('group_id');  
        }  
        if (!$groupId) {  
            return null;  
        }  
        return array('Group' => array('id' => $groupId));  
    }  
    public function bindNode($user) {  
        return array('model' => 'Group', 'foreign_key' => $user['User']['group_id']);  
    }  
 }

文件 /app/Model/Group.php

Php代码

class Group extends AppModel {  
    public $actsAs = array('Acl' => array('type' => 'requester'));  
  
    public function parentNode() {  
        return null;  
    }  
}

利用bake生成Users、Groups的mvc文件,添加组及用户,生成aros数据。

四、利用AclExtras 生成aco表数据
下载AclExtras 安装至/app/Plugin/ 目录下

Php代码

//app/Config/boostrap.php  
// ...  
CakePlugin::load('AclExtras');  
  利用bash命令生成可用的acos数据
Bash代码  
./Console/cake AclExtras.AclExtras aco_sync

五、补充login及logout

Php代码

  

Login

Form->create('User', array( 'url' => array( 'controller' => 'users', 'action' => 'login' ) )); echo $this->Form->input('User.username'); echo $this->Form->input('User.password'); echo $this->Form->end('Login'); ?> ############分割线######## // action public function login() { if ($this->Session->read('Auth.User')) { $this->Session->setFlash('You are logged in!'); return $this->redirect('/'); } }


Php代码

public function logout() {  
    $this->redirect($this->Auth->logout());  
}

六、ACO相关
acos 的展示利用TreeBehavior

Php代码

// /app/Model/Aco.php 文件  
public $actsAs = array('Tree');  
public $displayField = 'alias';  
  
// 输出  
$this->Aco->generateTreeList(null, null, null, '   ');

七、权限分配

Php代码

public function initDB() {  
    $group = $this->User->Group;  
  
    // Allow admins to everything  
    $group->id = 1;  
    $this->Acl->allow($group, 'controllers');  
  
    // allow managers to posts and widgets  
    $group->id = 2;  
    $this->Acl->deny($group, 'controllers');  
    $this->Acl->allow($group, 'controllers/Posts');  
    $this->Acl->allow($group, 'controllers/Widgets');  
  
    // allow users to only add and edit on posts and widgets  
    $group->id = 3;  
    $this->Acl->deny($group, 'controllers');  
    $this->Acl->allow($group, 'controllers/Posts/add');  
    $this->Acl->allow($group, 'controllers/Posts/edit');  
    $this->Acl->allow($group, 'controllers/Widgets/add');  
    $this->Acl->allow($group, 'controllers/Widgets/edit');  
  
    // allow basic users to log out  
    $this->Acl->allow($group, 'controllers/users/logout');  
  
    // we add an exit to avoid an ugly "missing views" error message  
    echo "all done";  
    exit;  
}

八、整理

Php代码  
/** 
     * custom beforeFilter 
     */  
    public function beforeFilter() {  
        parent::beforeFilter();  
        $this->Auth->allow('XXX');  
        // $this->Auth->allow();  
    }