
CakePHP项目中引入Auth & Acl 控制

程序员文章站 2022-05-09 17:00:39
...

PS:原创文章,如需转载,请注明出处,谢谢!     

本文地址:http://flyer0126.iteye.com/blog/2212975

 

     在此简单记录操作步骤,以备后期查阅。

     一、引入auth /app/Controller/AppController.php

/**
 * Application-wide base controller.
 *
 * Every controller extending this class gets login handling (Auth) and
 * per-action access control (Acl) from the components declared here.
 */
class AppController extends Controller
{
    /**
     * Components loaded for every request.
     *
     * Auth is configured with the "Actions" authorize adapter, which asks the
     * Acl component whether the logged-in requester may reach the requested
     * controller action. 'actionPath' names the root ACO node under which the
     * controller/action nodes are looked up.
     */
    public $components = array(
        'Acl',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers'),
            ),
        ),
        'Session',
    );

    /** View helpers available in every template. */
    public $helpers = array('Html', 'Form', 'Session');

    /**
     * Point AuthComponent at the login page and the post-login landing page.
     *
     * No action is opened with Auth->allow() here, so nothing is public at
     * this level; a child controller has to opt in explicitly.
     */
    public function beforeFilter()
    {
        // Unauthenticated visitors and users who just logged out both end up
        // on the login form.
        $loginUrl = array('controller' => 'users', 'action' => 'login');

        $this->Auth->loginAction = $loginUrl;
        $this->Auth->logoutRedirect = $loginUrl;

        // Landing page after a successful login.
        $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
    }
}

     二、生成acl表

# Create the ACL tables (acos, aros, aros_acos) from the DbAcl schema that ships with CakePHP.
./Console/cake schema create DbAcl

  三、添加组及用户

    设置Model文件 /app/Model/User.php

/**
 * User model registered as an ACL requester (ARO) underneath its Group.
 *
 * group_id decides which permissions a user ends up with, so any save() that
 * takes request data should restrict the accepted fields; otherwise a user
 * could submit a different group_id for their own record.
 * NOTE(review): verify the field list used by the UsersController add/edit actions.
 *
 * NOTE(review): nothing in this class hashes User.password before saving.
 * Confirm that a beforeSave callback (here or in AppModel) does it; otherwise
 * passwords are stored exactly as submitted.
 */
class User extends AppModel
{
    public $belongsTo = array('Group');

    // AclBehavior in requester mode: the model's rows are tracked in the aros table.
    public $actsAs = array('Acl' => array('type' => 'requester'));

    /**
     * Tell AclBehavior which ARO is this user's parent.
     *
     * @return array|null array('Group' => array('id' => ...)), or null when
     *                    there is no record/data or no group id.
     */
    public function parentNode()
    {
        $nothingLoaded = !$this->id && empty($this->data);
        if ($nothingLoaded) {
            return null;
        }

        // Prefer the group id in the data being saved; fall back to the stored value.
        $groupId = isset($this->data['User']['group_id'])
            ? $this->data['User']['group_id']
            : $this->field('group_id');

        return $groupId ? array('Group' => array('id' => $groupId)) : null;
    }

    /**
     * Resolve a user to its Group node for ACL checks, so permissions are
     * evaluated per group rather than per individual user.
     *
     * @param array $user User data containing ['User']['group_id'].
     * @return array Node reference: model 'Group' plus the group's id.
     */
    public function bindNode($user)
    {
        $groupId = $user['User']['group_id'];

        return array('model' => 'Group', 'foreign_key' => $groupId);
    }
}

    文件 /app/Model/Group.php

/**
 * Group model registered as an ACL requester (ARO).
 *
 * Groups are the top of the requester tree: permissions are granted to
 * groups and users hang underneath them.
 */
class Group extends AppModel
{
    // AclBehavior in requester mode: each group row is tracked in the aros table.
    public $actsAs = array('Acl' => array('type' => 'requester'));

    /**
     * Groups have no parent ARO.
     *
     * @return null
     */
    public function parentNode()
    {
        return null;
    }
}

    利用bake生成Users、Groups的mvc文件,添加组及用户,生成aros数据。

四、利用AclExtras 生成aco表数据
下载AclExtras 安装至/app/Plugin/ 目录下
// app/Config/bootstrap.php
// ...
// Register the AclExtras plugin so that its console shell (AclExtras.AclExtras) can be run.
CakePlugin::load('AclExtras');
  利用bash命令生成可用的acos数据
# Synchronise the acos table with the controllers and actions that exist in the code.
# Re-run it after adding or removing controller actions so the ACO tree keeps matching the app.
./Console/cake AclExtras.AclExtras aco_sync
  五、补充login及logout
<!-- login.ctp -->
<h2>Login</h2>
<?php
// The form submits back to UsersController::login.
$formOptions = array(
    'url' => array('controller' => 'users', 'action' => 'login'),
);

echo $this->Form->create('User', $formOptions);
echo $this->Form->input('User.username');
// FormHelper renders a field named "password" as a masked password input.
echo $this->Form->input('User.password');
echo $this->Form->end('Login');
?>
############分割线########
// action
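/**
 * Show the login form and authenticate submitted credentials.
 *
 * The original snippet only handled the "already logged in" case, so a POST
 * from login.ctp was never checked against the users table. The POST branch
 * below completes the action.
 *
 * @return mixed Result of redirect() when a redirect is issued; otherwise
 *               nothing, and the login view is rendered.
 */
public function login() {
    // A user with an Auth session does not need the form again.
    if ($this->Session->read('Auth.User')) {
        $this->Session->setFlash('You are logged in!');
        return $this->redirect('/');
    }

    if ($this->request->is('post')) {
        // Call login() without arguments so AuthComponent verifies the posted
        // username/password itself. Passing the request data in would log the
        // user in without any password check.
        if ($this->Auth->login()) {
            // redirectUrl() is the CakePHP 2.3+ name; older 2.x releases use redirect().
            return $this->redirect($this->Auth->redirectUrl());
        }

        // One message for both failure causes, so the response does not
        // reveal whether the username exists.
        $this->Session->setFlash('Your username or password was incorrect.');
    }
}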
 
/**
 * Log the current user out and send the browser to the post-logout URL.
 *
 * Auth->logout() clears the Auth session data and returns the configured
 * logoutRedirect (the login page, per AppController::beforeFilter).
 */
public function logout() {
    $afterLogoutUrl = $this->Auth->logout();
    $this->redirect($afterLogoutUrl);
}
  六、ACO相关
    acos 的展示利用TreeBehavior
// File: /app/Model/Aco.php
// TreeBehavior lets the acos rows be read as a nested tree (needed for generateTreeList()).
public $actsAs = array('Tree');
// Label each node by its alias column in generated lists.
public $displayField = 'alias';

// Output: a flat list of ACO nodes, each label prefixed with the spacer once per depth level.
// Arguments: no conditions, default key path, default value path, spacer string.
// The spacer is an HTML entity, so it only indents when the labels are printed without
// HTML escaping. NOTE(review): if escaping is switched off in the view for this,
// confirm that the aliases come only from trusted sources such as aco_sync.
$this->Aco->generateTreeList(null, null, null, '&nbsp;&nbsp;&nbsp;');
  七、权限分配
/**
 * One-off setup action that seeds the group permissions in the ACL tables.
 *
 * Rules are applied per group in the order listed; each restricted group is
 * first denied the whole 'controllers' tree and then granted specific nodes.
 *
 * NOTE(review): as a controller action this can be requested by URL, and it
 * rewrites permissions each time it runs. Remove it, or make sure it is not
 * listed in Auth->allow(), once the permissions have been seeded.
 */
public function initDB() {
    $groupNode = $this->User->Group;

    // group id => ordered list of array(ACO path, true = allow / false = deny)
    $permissionMatrix = array(
        // Admins: everything.
        1 => array(
            array('controllers', true),
        ),
        // Managers: posts and widgets only.
        2 => array(
            array('controllers', false),
            array('controllers/Posts', true),
            array('controllers/Widgets', true),
        ),
        // Users: add and edit on posts and widgets, plus logout.
        // The logout grant is made for this group only, as in the original.
        3 => array(
            array('controllers', false),
            array('controllers/Posts/add', true),
            array('controllers/Posts/edit', true),
            array('controllers/Widgets/add', true),
            array('controllers/Widgets/edit', true),
            array('controllers/users/logout', true),
        ),
    );

    foreach ($permissionMatrix as $groupId => $rules) {
        $groupNode->id = $groupId;

        foreach ($rules as $rule) {
            list($acoPath, $isGranted) = $rule;

            if ($isGranted) {
                $this->Acl->allow($groupNode, $acoPath);
            } else {
                $this->Acl->deny($groupNode, $acoPath);
            }
        }
    }

    // Stop here so CakePHP does not look for a view for this action.
    echo "all done";
    exit;
}
八、整理
/**
 * Controller-level beforeFilter.
 *
 * Runs the parent filter first so the application-wide Auth settings are in
 * place, then opens the listed action(s) to visitors who are not logged in.
 * 'XXX' is a placeholder for the action name(s) to make public.
 */
public function beforeFilter()
{
    parent::beforeFilter();

    // Only the named actions skip the login and ACL check.
    $this->Auth->allow('XXX');

    // Calling allow() with no arguments makes EVERY action of this controller
    // public. Keep it commented out except during initial setup.
    // $this->Auth->allow();
}