【发布时间】:2013-02-25 03:52:24
【问题描述】:
我正在使用 cake 2.x
我也在使用 Auth 和 Acl 组件。
我想允许所有登录用户执行一个操作。
但这导致我多次编写此代码,然后运行 initDB。
public function initDB() {
$group = $this->User->Group;
//Allow ADMINISTRATORS to everything
$group->id = ADMINISTRATORS;
$this->Acl->allow($group, 'controllers');
//allow SALES_MANAGERS to upload SOW file at `products`
$group->id = SALES_MANAGERS;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Pages');
//allow SOLUTION_ARCHITECTS to only add and edit on posts and widgets
$group->id = SOLUTION_ARCHITECTS;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Pages');
//allow IMPLEMENTATION_MANAGERS to only add and edit on posts and widgets
$group->id = IMPLEMENTATION_MANAGERS;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Pages');
//we add an exit to avoid an ugly "missing views" error message
echo "all done";
exit;
}
正如您所注意到的,我需要允许页面访问所有不同的组。
我更喜欢类似于 Auth->allow 的简单方法,它始终允许所有登录用户执行某些操作。
谢谢。
更新
这是我的解决方法。有更好的解决方案吗?
public function initDB() {
$group = $this->User->Group;
... // didn't want to repeat this part which is same as above.
// we allow all groups the following actions
$onlyForLoggedInUsers = array(
'controllers/Users/logout',
'controllers/Pages',
);
$this->_allowAllGroupsThisAction($onlyForLoggedInUsers);
//we add an exit to avoid an ugly "missing views" error message
echo "all done";
exit;
}
protected function _allowAllGroupsThisAction($actions) {
$groups = array(SALES_MANAGERS, SOLUTION_ARCHITECTS, IMPLEMENTATION_MANAGERS);
$actions = (array)$actions;
$group = $this->User->Group;
foreach ($groups as $id) {
$group->id = $id;
foreach($actions as $action) {
$this->Acl->allow($group, $action);
}
}
}
【问题讨论】:
标签: cakephp authentication cakephp-2.0 acl cakephp-2.1