AlessandroMinoccheri /
UserPermissions
@@ -19,40 +19,40 @@ discard block |
||
| 19 | 19 | |
| 20 | 20 | class UserPermissionsComponent extends Component { |
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * Controller name |
|
| 24 | - * |
|
| 25 | - * @var string |
|
| 26 | - */ |
|
| 22 | + /** |
|
| 23 | + * Controller name |
|
| 24 | + * |
|
| 25 | + * @var string |
|
| 26 | + */ |
|
| 27 | 27 | public $controller = null; |
| 28 | 28 | |
| 29 | - /** |
|
| 30 | - * Session |
|
| 31 | - * |
|
| 32 | - * @var string |
|
| 33 | - */ |
|
| 29 | + /** |
|
| 30 | + * Session |
|
| 31 | + * |
|
| 32 | + * @var string |
|
| 33 | + */ |
|
| 34 | 34 | public $session = null; |
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * Components array |
|
| 38 | - * |
|
| 39 | - * @var array |
|
| 40 | - */ |
|
| 36 | + /** |
|
| 37 | + * Components array |
|
| 38 | + * |
|
| 39 | + * @var array |
|
| 40 | + */ |
|
| 41 | 41 | public $components = ['Flash']; |
| 42 | 42 | |
| 43 | - private $actions; |
|
| 43 | + private $actions; |
|
| 44 | 44 | |
| 45 | - private $allow; |
|
| 45 | + private $allow; |
|
| 46 | 46 | |
| 47 | - private $redirect; |
|
| 47 | + private $redirect; |
|
| 48 | 48 | |
| 49 | - private $params; |
|
| 49 | + private $params; |
|
| 50 | 50 | |
| 51 | - private $message; |
|
| 51 | + private $message; |
|
| 52 | 52 | |
| 53 | - private $userType; |
|
| 53 | + private $userType; |
|
| 54 | 54 | |
| 55 | - private $action; |
|
| 55 | + private $action; |
|
| 56 | 56 | |
| 57 | 57 | /** |
| 58 | 58 | * Boolean value which holds the configuration for the behavior in case of |
@@ -60,23 +60,23 @@ discard block |
||
| 60 | 60 | */ |
| 61 | 61 | private $throwEx; |
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * Initialization to get controller variable |
|
| 65 | - * |
|
| 66 | - * For this component available settings: |
|
| 67 | - * bool throwEx - default false - if set to true, an exception will be |
|
| 68 | - * thrown, if a handler is about to be called but does not exist. |
|
| 69 | - * |
|
| 70 | - * @param array $config Configuration array for the component. |
|
| 71 | - */ |
|
| 72 | - public function initialize(array $config) |
|
| 73 | - { |
|
| 74 | - parent::initialize($config); |
|
| 63 | + /** |
|
| 64 | + * Initialization to get controller variable |
|
| 65 | + * |
|
| 66 | + * For this component available settings: |
|
| 67 | + * bool throwEx - default false - if set to true, an exception will be |
|
| 68 | + * thrown, if a handler is about to be called but does not exist. |
|
| 69 | + * |
|
| 70 | + * @param array $config Configuration array for the component. |
|
| 71 | + */ |
|
| 72 | + public function initialize(array $config) |
|
| 73 | + { |
|
| 74 | + parent::initialize($config); |
|
| 75 | 75 | |
| 76 | - $this->controller = $this->_registry->getController(); |
|
| 77 | - $this->session = $this->controller->request->session(); |
|
| 76 | + $this->controller = $this->_registry->getController(); |
|
| 77 | + $this->session = $this->controller->request->session(); |
|
| 78 | 78 | |
| 79 | - $this->actions = array(); |
|
| 79 | + $this->actions = array(); |
|
| 80 | 80 | $this->allow = true; |
| 81 | 81 | $this->redirect = ''; |
| 82 | 82 | $this->params = ''; |
@@ -84,56 +84,56 @@ discard block |
||
| 84 | 84 | $this->userType = ''; |
| 85 | 85 | $this->action = null; |
| 86 | 86 | $this->throwEx = isset($config["throwEx"]) && $config["throwEx"]; |
| 87 | - } |
|
| 88 | - |
|
| 89 | - /** |
|
| 90 | - * Initialization to get controller variable |
|
| 91 | - * |
|
| 92 | - * @param array $rules Array of rules for permissions. |
|
| 93 | - * @return bool false if user / group doesn't have permission, true if has permission |
|
| 94 | - */ |
|
| 95 | - public function allow ($rules) { |
|
| 96 | - $this->setUserValues(); |
|
| 97 | - $this->bindConfiguration($rules); |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + /** |
|
| 90 | + * Initialization to get controller variable |
|
| 91 | + * |
|
| 92 | + * @param array $rules Array of rules for permissions. |
|
| 93 | + * @return bool false if user / group doesn't have permission, true if has permission |
|
| 94 | + */ |
|
| 95 | + public function allow ($rules) { |
|
| 96 | + $this->setUserValues(); |
|
| 97 | + $this->bindConfiguration($rules); |
|
| 98 | 98 | |
| 99 | 99 | if (!$this->applyGroupsRules($rules)) { |
| 100 | 100 | $this->applyViewsRules($rules); |
| 101 | 101 | } |
| 102 | 102 | |
| 103 | 103 | return $this->allow; |
| 104 | - } |
|
| 104 | + } |
|
| 105 | 105 | |
| 106 | - private function setUserValues() |
|
| 107 | - { |
|
| 108 | - $userId = $this->session->read('Auth.User.id'); |
|
| 106 | + private function setUserValues() |
|
| 107 | + { |
|
| 108 | + $userId = $this->session->read('Auth.User.id'); |
|
| 109 | 109 | |
| 110 | - if (!isset($userId)) { |
|
| 110 | + if (!isset($userId)) { |
|
| 111 | 111 | $this->userType = 'guest'; |
| 112 | 112 | } |
| 113 | - } |
|
| 113 | + } |
|
| 114 | 114 | |
| 115 | - private function bindConfiguration(array $rules) |
|
| 116 | - { |
|
| 117 | - foreach($rules as $key => $value){ |
|
| 115 | + private function bindConfiguration(array $rules) |
|
| 116 | + { |
|
| 117 | + foreach($rules as $key => $value){ |
|
| 118 | 118 | switch($key){ |
| 119 | 119 | case "user_type": |
| 120 | - $this->userType = $value; |
|
| 121 | - break; |
|
| 122 | - case "redirect": |
|
| 123 | - $this->redirect = $value; |
|
| 124 | - break; |
|
| 125 | - case "action": |
|
| 126 | - $this->action = $value; |
|
| 127 | - break; |
|
| 128 | - case "controller": |
|
| 129 | - $this->controller = $value; |
|
| 120 | + $this->userType = $value; |
|
| 121 | + break; |
|
| 122 | + case "redirect": |
|
| 123 | + $this->redirect = $value; |
|
| 124 | + break; |
|
| 125 | + case "action": |
|
| 126 | + $this->action = $value; |
|
| 127 | + break; |
|
| 128 | + case "controller": |
|
| 129 | + $this->controller = $value; |
|
| 130 | 130 | if(!is_object($value)) { |
| 131 | 131 | Log::write("warn", sprintf("controller is not an object (%s)", gettype($value))); |
| 132 | 132 | } |
| 133 | - break; |
|
| 134 | - case "message": |
|
| 135 | - $this->message = $value; |
|
| 136 | - break; |
|
| 133 | + break; |
|
| 134 | + case "message": |
|
| 135 | + $this->message = $value; |
|
| 136 | + break; |
|
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | 139 | |
@@ -144,49 +144,49 @@ discard block |
||
| 144 | 144 | } |
| 145 | 145 | } |
| 146 | 146 | } |
| 147 | - } |
|
| 147 | + } |
|
| 148 | 148 | |
| 149 | - private function applyGroupsRules(array $rules) |
|
| 150 | - { |
|
| 151 | - $existRulesForGroups = false; |
|
| 149 | + private function applyGroupsRules(array $rules) |
|
| 150 | + { |
|
| 151 | + $existRulesForGroups = false; |
|
| 152 | 152 | |
| 153 | - if(isset($rules['groups'])){ |
|
| 153 | + if(isset($rules['groups'])){ |
|
| 154 | 154 | foreach($rules['groups'] as $key => $value){ |
| 155 | 155 | $this->searchForApplyGroupRules($key, $value); |
| 156 | 156 | } |
| 157 | 157 | } |
| 158 | 158 | |
| 159 | 159 | return $existRulesForGroups; |
| 160 | - } |
|
| 160 | + } |
|
| 161 | 161 | |
| 162 | - private function searchForApplyGroupRules($key) |
|
| 163 | - { |
|
| 164 | - if($key == $this->userType){ |
|
| 165 | - if ($this->notInArrayAction()) { |
|
| 162 | + private function searchForApplyGroupRules($key) |
|
| 163 | + { |
|
| 164 | + if($key == $this->userType){ |
|
| 165 | + if ($this->notInArrayAction()) { |
|
| 166 | 166 | $this->redirectIfIsSet(); |
| 167 | 167 | |
| 168 | 168 | $this->allow = false; |
| 169 | 169 | } |
| 170 | 170 | } |
| 171 | - } |
|
| 171 | + } |
|
| 172 | 172 | |
| 173 | - private function notInArrayAction() |
|
| 174 | - { |
|
| 175 | - return ((!in_array('*', $this->actions)) && (!in_array($this->action, $this->actions))); |
|
| 176 | - } |
|
| 173 | + private function notInArrayAction() |
|
| 174 | + { |
|
| 175 | + return ((!in_array('*', $this->actions)) && (!in_array($this->action, $this->actions))); |
|
| 176 | + } |
|
| 177 | 177 | |
| 178 | - private function applyViewsRules(array $rules) |
|
| 179 | - { |
|
| 180 | - if(isset($rules['views'])){ |
|
| 178 | + private function applyViewsRules(array $rules) |
|
| 179 | + { |
|
| 180 | + if(isset($rules['views'])){ |
|
| 181 | 181 | foreach($rules['views'] as $key => $value){ |
| 182 | 182 | $this->searchForApplyViewRules($key, $value); |
| 183 | 183 | } |
| 184 | 184 | } |
| 185 | - } |
|
| 185 | + } |
|
| 186 | 186 | |
| 187 | - private function searchForApplyViewRules($key, $value) |
|
| 188 | - { |
|
| 189 | - if($key == $this->action){ |
|
| 187 | + private function searchForApplyViewRules($key, $value) |
|
| 188 | + { |
|
| 189 | + if($key == $this->action){ |
|
| 190 | 190 | // about to call the view handler, so check first if it exists |
| 191 | 191 | if(!method_exists($this->controller, $value)) { |
| 192 | 192 | $msg = sprintf( |
@@ -209,11 +209,11 @@ discard block |
||
| 209 | 209 | $this->allow = false; |
| 210 | 210 | } |
| 211 | 211 | } |
| 212 | - } |
|
| 212 | + } |
|
| 213 | 213 | |
| 214 | - private function redirectIfIsSet() |
|
| 215 | - { |
|
| 216 | - if($this->redirect != ''){ |
|
| 214 | + private function redirectIfIsSet() |
|
| 215 | + { |
|
| 216 | + if($this->redirect != ''){ |
|
| 217 | 217 | if($this->message != ''){ |
| 218 | 218 | $this->Flash->set($this->message); |
| 219 | 219 | } |
