开发者

ACL groups with subgroups

问答 作者:

I have working ACL groups

-client

-member

-manager

and need to put them down to ALL group as 开发者_如何学Gosubgroups

ALL

-client

-member

-manager

to add the permissiions to ALL, so 3 other will inherit it,

what is the right way to do it?

I assume that you have the necessary Users & Groups models and you're gonna use CakePHP's ACL behavior. I also assume that you have the 'acos', 'aros', & 'aros_acos' table.

You need to make your Groups a Tree type:

class Groups extends AppModel {
    var $actsAs = array('Tree', 'Acl' => array('type' => 'requester'));

    function parentNode() {
        return null;
    }

}

and in MySQL, your group table should have these fields - id, parent_id, lft, rght, name(or description). The first four fields are necessary in order for the Tree behavior to work.

In groups_controller.php:

function add($parentId = null){
    if(!empty($this->data)){
        if($this->Group->save($this->data)) {
            $this->Session->setFlash(__('The group has been saved.', true));
            $this->redirect(array('action'=>'index'));
        } else {
            $this->Session->setFlash(__('The group could not be saved. Please try again.', true));
        }
    }
    $this->set(compact('parentId'));
}

In User model:

class User extends AppModel {

var $name = 'User';
var $belongsTo = array('Group');
var $actsAs = array('Acl' => array('type' => 'requester'));

function parentNode() {
    if (!$this->id && empty($this->data)) {
        return null;
    }
    if (isset($this->data['User']['group_id'])) {
    $groupId = $this->data['User']['group_id'];
    } else {
        $groupId = $this->field('group_id');
    }
    if (!$groupId) {
    return null;
    } else {
        return array('Group' => array('id' => $groupId));
    }
}


}

Now everytime you add a new group or user, the AROS table is automatically updated. Then you need to set the permissions for each node on AROS_ACOS table. Unfortunately, there is no easy way to do this in CakePHP.

You could place this code inside groups_controller.php and then run /groups/build_acl everytime you add/delete users/groups:

function initDB() {
    $group =& $this->User->Group;
    //Allow ALL to everything
    $group->id = 1;     
    $this->Acl->allow($group, 'controllers');

    //allow managers to posts and widgets
    $group->id = 2;
    $this->Acl->deny($group, 'controllers');
    $this->Acl->allow($group, 'controllers/Posts');
    $this->Acl->allow($group, 'controllers/Widgets');

    //allow client to only add and edit on posts and widgets
    $group->id = 3;
    $this->Acl->deny($group, 'controllers');        
    $this->Acl->allow($group, 'controllers/Posts/add');
    $this->Acl->allow($group, 'controllers/Posts/edit');        
    $this->Acl->allow($group, 'controllers/Widgets/add');
    $this->Acl->allow($group, 'controllers/Widgets/edit');
    //we add an exit to avoid an ugly "missing views" error message
    echo "all done";
    exit;
}

I hope this helps. Most of the codes were taken from CakePHP online docs.

继续阅读:aclcakephpgroupingpermissions

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9