AlessandroMinoccheri /
UserPermissions
@@ -189,6 +189,9 @@ |
||
| 189 | 189 | } |
| 190 | 190 | } |
| 191 | 191 | |
| 192 | + /** |
|
| 193 | + * @param string $controller |
|
| 194 | + */ |
|
| 192 | 195 | private function checkForHandler($controller, $handler) |
| 193 | 196 | { |
| 194 | 197 | if(!method_exists($controller, $handler)) { |
@@ -11,40 +11,40 @@ discard block |
||
| 11 | 11 | |
| 12 | 12 | class UserPermissionsComponent extends Component { |
| 13 | 13 | |
| 14 | - /** |
|
| 15 | - * Controller name |
|
| 16 | - * |
|
| 17 | - * @var string |
|
| 18 | - */ |
|
| 14 | + /** |
|
| 15 | + * Controller name |
|
| 16 | + * |
|
| 17 | + * @var string |
|
| 18 | + */ |
|
| 19 | 19 | public $controller = null; |
| 20 | 20 | |
| 21 | - /** |
|
| 22 | - * Session |
|
| 23 | - * |
|
| 24 | - * @var string |
|
| 25 | - */ |
|
| 21 | + /** |
|
| 22 | + * Session |
|
| 23 | + * |
|
| 24 | + * @var string |
|
| 25 | + */ |
|
| 26 | 26 | public $session = null; |
| 27 | 27 | |
| 28 | - /** |
|
| 29 | - * Components array |
|
| 30 | - * |
|
| 31 | - * @var array |
|
| 32 | - */ |
|
| 28 | + /** |
|
| 29 | + * Components array |
|
| 30 | + * |
|
| 31 | + * @var array |
|
| 32 | + */ |
|
| 33 | 33 | public $components = ['Flash']; |
| 34 | 34 | |
| 35 | - private $actions; |
|
| 35 | + private $actions; |
|
| 36 | 36 | |
| 37 | - private $allow; |
|
| 37 | + private $allow; |
|
| 38 | 38 | |
| 39 | - private $redirect; |
|
| 39 | + private $redirect; |
|
| 40 | 40 | |
| 41 | - private $params; |
|
| 41 | + private $params; |
|
| 42 | 42 | |
| 43 | - private $message; |
|
| 43 | + private $message; |
|
| 44 | 44 | |
| 45 | - private $userType; |
|
| 45 | + private $userType; |
|
| 46 | 46 | |
| 47 | - private $action; |
|
| 47 | + private $action; |
|
| 48 | 48 | |
| 49 | 49 | /** |
| 50 | 50 | * Boolean value which holds the configuration for the behavior in case of |
@@ -52,23 +52,23 @@ discard block |
||
| 52 | 52 | */ |
| 53 | 53 | private $throwEx; |
| 54 | 54 | |
| 55 | - /** |
|
| 56 | - * Initialization to get controller variable |
|
| 57 | - * |
|
| 58 | - * For this component available settings: |
|
| 59 | - * bool throwEx - default false - if set to true, an exception will be |
|
| 60 | - * thrown, if a handler is about to be called but does not exist. |
|
| 61 | - * |
|
| 62 | - * @param array $config Configuration array for the component. |
|
| 63 | - */ |
|
| 64 | - public function initialize(array $config) |
|
| 65 | - { |
|
| 66 | - parent::initialize($config); |
|
| 55 | + /** |
|
| 56 | + * Initialization to get controller variable |
|
| 57 | + * |
|
| 58 | + * For this component available settings: |
|
| 59 | + * bool throwEx - default false - if set to true, an exception will be |
|
| 60 | + * thrown, if a handler is about to be called but does not exist. |
|
| 61 | + * |
|
| 62 | + * @param array $config Configuration array for the component. |
|
| 63 | + */ |
|
| 64 | + public function initialize(array $config) |
|
| 65 | + { |
|
| 66 | + parent::initialize($config); |
|
| 67 | 67 | |
| 68 | - $this->controller = $this->_registry->getController(); |
|
| 69 | - $this->session = $this->controller->request->session(); |
|
| 68 | + $this->controller = $this->_registry->getController(); |
|
| 69 | + $this->session = $this->controller->request->session(); |
|
| 70 | 70 | |
| 71 | - $this->actions = array(); |
|
| 71 | + $this->actions = array(); |
|
| 72 | 72 | $this->allow = true; |
| 73 | 73 | $this->redirect = ''; |
| 74 | 74 | $this->params = ''; |
@@ -76,56 +76,56 @@ discard block |
||
| 76 | 76 | $this->userType = ''; |
| 77 | 77 | $this->action = null; |
| 78 | 78 | $this->throwEx = isset($config["throwEx"]) && $config["throwEx"]; |
| 79 | - } |
|
| 80 | - |
|
| 81 | - /** |
|
| 82 | - * Initialization to get controller variable |
|
| 83 | - * |
|
| 84 | - * @param array $rules Array of rules for permissions. |
|
| 85 | - * @return bool false if user / group doesn't have permission, true if has permission |
|
| 86 | - */ |
|
| 87 | - public function allow ($rules) { |
|
| 88 | - $this->setUserValues(); |
|
| 89 | - $this->bindConfiguration($rules); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + /** |
|
| 82 | + * Initialization to get controller variable |
|
| 83 | + * |
|
| 84 | + * @param array $rules Array of rules for permissions. |
|
| 85 | + * @return bool false if user / group doesn't have permission, true if has permission |
|
| 86 | + */ |
|
| 87 | + public function allow ($rules) { |
|
| 88 | + $this->setUserValues(); |
|
| 89 | + $this->bindConfiguration($rules); |
|
| 90 | 90 | |
| 91 | 91 | if (!$this->applyGroupsRules($rules)) { |
| 92 | 92 | $this->applyViewsRules($rules); |
| 93 | 93 | } |
| 94 | 94 | |
| 95 | 95 | return $this->allow; |
| 96 | - } |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - private function setUserValues() |
|
| 99 | - { |
|
| 100 | - $userId = $this->session->read('Auth.User.id'); |
|
| 98 | + private function setUserValues() |
|
| 99 | + { |
|
| 100 | + $userId = $this->session->read('Auth.User.id'); |
|
| 101 | 101 | |
| 102 | - if (!isset($userId)) { |
|
| 102 | + if (!isset($userId)) { |
|
| 103 | 103 | $this->userType = 'guest'; |
| 104 | 104 | } |
| 105 | - } |
|
| 105 | + } |
|
| 106 | 106 | |
| 107 | - private function bindConfiguration(array $rules) |
|
| 108 | - { |
|
| 109 | - foreach($rules as $key => $value){ |
|
| 107 | + private function bindConfiguration(array $rules) |
|
| 108 | + { |
|
| 109 | + foreach($rules as $key => $value){ |
|
| 110 | 110 | switch($key){ |
| 111 | 111 | case "user_type": |
| 112 | - $this->userType = $value; |
|
| 113 | - break; |
|
| 114 | - case "redirect": |
|
| 115 | - $this->redirect = $value; |
|
| 116 | - break; |
|
| 117 | - case "action": |
|
| 118 | - $this->action = $value; |
|
| 119 | - break; |
|
| 120 | - case "controller": |
|
| 121 | - $this->controller = $value; |
|
| 112 | + $this->userType = $value; |
|
| 113 | + break; |
|
| 114 | + case "redirect": |
|
| 115 | + $this->redirect = $value; |
|
| 116 | + break; |
|
| 117 | + case "action": |
|
| 118 | + $this->action = $value; |
|
| 119 | + break; |
|
| 120 | + case "controller": |
|
| 121 | + $this->controller = $value; |
|
| 122 | 122 | if(!is_object($value)) { |
| 123 | 123 | Log::write("warning", sprintf("controller is not an object (%s)", gettype($value))); |
| 124 | 124 | } |
| 125 | - break; |
|
| 126 | - case "message": |
|
| 127 | - $this->message = $value; |
|
| 128 | - break; |
|
| 125 | + break; |
|
| 126 | + case "message": |
|
| 127 | + $this->message = $value; |
|
| 128 | + break; |
|
| 129 | 129 | } |
| 130 | 130 | } |
| 131 | 131 | |
@@ -136,56 +136,56 @@ discard block |
||
| 136 | 136 | } |
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | - } |
|
| 139 | + } |
|
| 140 | 140 | |
| 141 | - private function applyGroupsRules(array $rules) |
|
| 142 | - { |
|
| 143 | - $existRulesForGroups = false; |
|
| 141 | + private function applyGroupsRules(array $rules) |
|
| 142 | + { |
|
| 143 | + $existRulesForGroups = false; |
|
| 144 | 144 | |
| 145 | - if(isset($rules['groups'])){ |
|
| 145 | + if(isset($rules['groups'])){ |
|
| 146 | 146 | foreach($rules['groups'] as $key => $value){ |
| 147 | 147 | $this->searchForApplyGroupRules($key, $value); |
| 148 | 148 | } |
| 149 | 149 | } |
| 150 | 150 | |
| 151 | 151 | return $existRulesForGroups; |
| 152 | - } |
|
| 152 | + } |
|
| 153 | 153 | |
| 154 | - private function searchForApplyGroupRules($key) |
|
| 155 | - { |
|
| 156 | - if($key == $this->userType){ |
|
| 157 | - if ($this->notInArrayAction()) { |
|
| 154 | + private function searchForApplyGroupRules($key) |
|
| 155 | + { |
|
| 156 | + if($key == $this->userType){ |
|
| 157 | + if ($this->notInArrayAction()) { |
|
| 158 | 158 | $this->redirectIfIsSet(); |
| 159 | 159 | |
| 160 | 160 | $this->allow = false; |
| 161 | 161 | } |
| 162 | 162 | } |
| 163 | - } |
|
| 163 | + } |
|
| 164 | 164 | |
| 165 | - private function notInArrayAction() |
|
| 166 | - { |
|
| 167 | - return ((!in_array('*', $this->actions)) && (!in_array($this->action, $this->actions))); |
|
| 168 | - } |
|
| 165 | + private function notInArrayAction() |
|
| 166 | + { |
|
| 167 | + return ((!in_array('*', $this->actions)) && (!in_array($this->action, $this->actions))); |
|
| 168 | + } |
|
| 169 | 169 | |
| 170 | - private function applyViewsRules(array $rules) |
|
| 171 | - { |
|
| 172 | - if(isset($rules['views'])){ |
|
| 170 | + private function applyViewsRules(array $rules) |
|
| 171 | + { |
|
| 172 | + if(isset($rules['views'])){ |
|
| 173 | 173 | foreach($rules['views'] as $key => $value){ |
| 174 | 174 | $this->searchForApplyViewRules($key, $value); |
| 175 | 175 | } |
| 176 | 176 | } |
| 177 | - } |
|
| 177 | + } |
|
| 178 | 178 | |
| 179 | - private function searchForApplyViewRules($key, $value) |
|
| 180 | - { |
|
| 181 | - if($key == $this->action) { |
|
| 179 | + private function searchForApplyViewRules($key, $value) |
|
| 180 | + { |
|
| 181 | + if($key == $this->action) { |
|
| 182 | 182 | if(!$this->checkForHandler($this->controller, $value) || !$this->controller->$value()){ |
| 183 | 183 | $this->redirectIfIsSet(); |
| 184 | 184 | |
| 185 | 185 | $this->allow = false; |
| 186 | 186 | } |
| 187 | 187 | } |
| 188 | - } |
|
| 188 | + } |
|
| 189 | 189 | |
| 190 | 190 | private function checkForHandler($controller, $handler) |
| 191 | 191 | { |
@@ -206,9 +206,9 @@ discard block |
||
| 206 | 206 | return true; |
| 207 | 207 | } |
| 208 | 208 | |
| 209 | - private function redirectIfIsSet() |
|
| 210 | - { |
|
| 211 | - if($this->redirect != ''){ |
|
| 209 | + private function redirectIfIsSet() |
|
| 210 | + { |
|
| 211 | + if($this->redirect != ''){ |
|
| 212 | 212 | if($this->message != ''){ |
| 213 | 213 | $this->Flash->set($this->message); |
| 214 | 214 | } |
