At the moment I am writing a system on CakePHP and MS SQL. At first I tried using the standard ACL component, but it turned out that CakePHP does not fully support MS SQL (at least in this component). Therefore it was necessary to invent the following method of access control.
It is assumed that we have a User model that describes the user, with an is_admin field that defines the user's membership in the administrator group. So there are three groups: guests, users, and administrators.
To implement the approach, add the following code to app_controller.php:
<?php
class AppController extends Controller
{
    // Runs before every controller action and enforces the per-group allow-lists.
    function beforeFilter()
    {
        // A controller that does not declare a list allows nothing to that group.
        $allowedToUsers = isset($this->allowedToUsers) ? $this->allowedToUsers : array();
        $allowedToGuests = isset($this->allowedToGuests) ? $this->allowedToGuests : array();
        $group = $this->userGroup();

        switch ($group)
        {
            case 'user':
                if (!in_array($this->action, $allowedToUsers))
                {
                    $this->redirect('/pages/norights');
                }
                break;
            case 'guest':
                if (!in_array($this->action, $allowedToGuests))
                {
                    $this->redirect('/users/login');
                }
                break;
            // 'admin' has no case: administrators may call every action.
        }
    }

    // Maps the User record stored in the session to 'guest', 'user' or 'admin'.
    function userGroup()
    {
        $user = $this->Session->read('User');
        $ret = '';
        if (empty($user['name']))
        {
            // No logged-in user in the session.
            $ret = 'guest';
        }
        else if (intval($user['is_admin']) == 1)
        {
            $ret = 'admin';
        }
        else
        {
            $ret = 'user';
        }
        return $ret;
    }
}
?>
It remains to set the restrictions in the application's controllers. To do this, add the $allowedToUsers and $allowedToGuests arrays, which list the controller actions each group is allowed to access (administrators are assumed to be allowed everything).
<?php
class StudentsController extends AppController {
    var $name = 'Students';
    var $helpers = array('Html', 'Form', 'Time');
    // Actions open to logged-in users; guests get none of them.
    var $allowedToUsers = array('index', 'view', 'add', 'edit', 'delete');
    var $allowedToGuests = array();
}
?>
Done.
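The following is an added example, not code from the original post: a stand-alone PHP model of the filter's rules that runs without CakePHP. It shows that a controller declaring neither array is closed to everyone but administrators, and it checks that each redirect target can be reached by the group that is sent there. The `users` allow-list, the function names and the mapping of `/pages/norights` to the pages controller's `display` action are assumptions.

```php
<?php
// Added example: stand-alone model of the beforeFilter() rules; runs without CakePHP.

// Returns 'allow' or the URL the filter would redirect to.
function accessDecision($group, $action, array $allowedToUsers, array $allowedToGuests)
{
    switch ($group) {
        case 'admin':
            return 'allow';
        case 'user':
            return in_array($action, $allowedToUsers, true) ? 'allow' : '/pages/norights';
        case 'guest':
            return in_array($action, $allowedToGuests, true) ? 'allow' : '/users/login';
    }
    return '/users/login'; // unknown group: denied here (added assumption, fail closed)
}

// Groups whose own redirect target is denied to them, i.e. a redirect loop.
function redirectLoops(array $controllers, array $targets)
{
    $none = array('users' => array(), 'guests' => array()); // controller declares no lists
    $loops = array();
    foreach ($targets as $group => $target) {
        list($controller, $action) = $target;
        $lists = isset($controllers[$controller]) ? $controllers[$controller] : $none;
        if (accessDecision($group, $action, $lists['users'], $lists['guests']) !== 'allow') {
            $loops[] = $group;
        }
    }
    return $loops;
}

// Constructed allow-lists: 'students' is from the article, 'users' is hypothetical.
$controllers = array(
    'students' => array('users' => array('index', 'view', 'add', 'edit', 'delete'), 'guests' => array()),
    'users'    => array('users' => array('logout'), 'guests' => array('login')),
);
// Assumed routing: /pages/norights -> pages::display, /users/login -> users::login.
$targets = array('user' => array('pages', 'display'), 'guest' => array('users', 'login'));

$lists = $controllers['students'];
foreach (array('admin', 'user', 'guest') as $group) {
    echo $group, ' -> students/edit: ', accessDecision($group, 'edit', $lists['users'], $lists['guests']), "\n";
}
echo 'loops before: ', implode(',', redirectLoops($controllers, $targets)), "\n";

// Declaring the error page as reachable removes the loop.
$controllers['pages'] = array('users' => array('display'), 'guests' => array('display'));
echo 'loops after: ', implode(',', redirectLoops($controllers, $targets)), "\n";
```

With the sample lists the first check reports the user group, because nothing allows users to reach the page they are redirected to.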