Class DbAcl
DbAcl implements an ACL control system in the database. ARO's and ACO's are structured into trees and a linking table is used to define permissions. You can install the schema for DbAcl with the Schema Shell.
$aco
and $aro
parameters can be slash delimited paths to tree nodes.
eg. controllers/Users/edit
Would point to a tree structure like
{{{ controllers Users edit }}}
- Object
- DbAcl implements AclInterface
Copyright: Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
License: License (http://www.opensource.org/licenses/mit-license.php)
Location: Cake/Controller/Component/AclComponent.php
Method Summary
-
__construct() public
Constructor -
_getAcoKeys() protected
Get the keys used in an ACO -
allow() public
Allow $aro to have access to action $actions in $aco -
check() public
Checks if the given $aro has access to action $action in $aco -
deny() public
Deny access for $aro to action $action in $aco -
getAclLink() public
Get an array of access-control links between the given Aro and Aco -
grant() public
Allow $aro to have access to action $actions in $aco -
inherit() public
Let access for $aro to action $action in $aco be inherited -
initialize() public
Initializes the containing component and sets the Aro/Aco objects to it. -
revoke() public
Deny access for $aro to action $action in $aco
Method Detail
_getAcoKeys() protected ¶
_getAcoKeys( array $keys )
Get the keys used in an ACO
Parameters
- array $keys
- Permission model info
Returns
ACO keys
allow() public ¶
allow( string $aro , string $aco , string $actions = "*" , integer $value = 1 )
Allow $aro to have access to action $actions in $aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $actions optional "*"
- Action (defaults to *)
- integer $value optional 1
- Value to indicate access type (1 to give access, -1 to deny, 0 to inherit)
Returns
Success
Link
Implementation of
check() public ¶
check( string $aro , string $aco , string $action = "*" )
Checks if the given $aro has access to action $action in $aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $action optional "*"
- Action (defaults to *)
Returns
Success (true if ARO has access to action in ACO, false otherwise)
Link
Implementation of
deny() public ¶
deny( string $aro , string $aco , string $action = "*" )
Deny access for $aro to action $action in $aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $action optional "*"
- Action (defaults to *)
Returns
Success
Link
Implementation of
getAclLink() public ¶
getAclLink( string $aro , string $aco )
Get an array of access-control links between the given Aro and Aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
Returns
Indexed array with: 'aro', 'aco' and 'link'
grant() public ¶
grant( string $aro , string $aco , string $action = "*" )
Allow $aro to have access to action $actions in $aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $action optional "*"
- Action (defaults to *)
Returns
Success
See
inherit() public ¶
inherit( string $aro , string $aco , string $action = "*" )
Let access for $aro to action $action in $aco be inherited
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $action optional "*"
- Action (defaults to *)
Returns
Success
Implementation of
initialize() public ¶
initialize( AclComponent
$component )
Initializes the containing component and sets the Aro/Aco objects to it.
Parameters
-
AclComponent
$component
Implementation of
revoke() public ¶
revoke( string $aro , string $aco , string $action = "*" )
Deny access for $aro to action $action in $aco
Parameters
- string $aro
- ARO The requesting object identifier.
- string $aco
- ACO The controlled object identifier.
- string $action optional "*"
- Action (defaults to *)
Returns
Success
See
Methods inherited from Object
_mergeVars() protected ¶
_mergeVars( array $properties , string $class , boolean $normalize = true )
Merges this objects $property with the property in $class' definition. This classes value for the property will be merged on top of $class'
This provides some of the DRY magic CakePHP provides. If you want to shut it off, redefine this method as an empty function.
Parameters
- array $properties
- The name of the properties to merge.
- string $class
- The class to merge the property with.
- boolean $normalize optional true
- Set to true to run the properties through Set::normalize() before merging.
_set() protected ¶
_set( array $properties = array() )
Allows setting of multiple properties of the object in a single line of code. Will only set properties that are part of a class declaration.
Parameters
- array $properties optional array()
- An associative array containing properties and corresponding values.
_stop() protected ¶
_stop( integer|string $status = 0 )
Stop execution of the current script. Wraps exit() making testing easier.
Parameters
- integer|string $status optional 0
- see http://php.net/exit for values
dispatchMethod() public ¶
dispatchMethod( string $method , array $params = array() )
Calls a method on this object with the given parameters. Provides an OO wrapper
for call_user_func_array
Parameters
- string $method
- Name of the method to call
- array $params optional array()
- Parameter list to use when calling $method
Returns
Returns the result of the method call
log() public ¶
log( string $msg , integer $type = LOG_ERROR )
Convenience method to write a message to CakeLog. See CakeLog::write() for more information on writing to logs.
Parameters
- string $msg
- Log message
- integer $type optional LOG_ERROR
- Error type constant. Defined in app/Config/core.php.
Returns
Success of log write
requestAction() public ¶
requestAction( mixed $url , array $extra = array() )
Calls a controller's method from any location. Can be used to connect controllers together or tie plugins into a main application. requestAction can be used to return rendered views or fetch the return value from controller actions.
Under the hood this method uses Router::reverse() to convert the $url parameter into a string URL. You should use URL formats that are compatible with Router::reverse()
Passing POST and GET data
POST and GET data can be simulated in requestAction. Use $extra['url']
for
GET data. The $extra['data']
parameter allows POST data simulation.
Parameters
- mixed $url
String or array-based url. Unlike other url arrays in CakePHP, this url will not automatically handle passed and named arguments in the $url parameter.
- array $extra optional array()
if array includes the key "return" it sets the AutoRender to true. Can also be used to submit GET/POST data, and named/passed arguments.
Returns
Boolean true or false on success/failure, or contents of rendered action if 'return' is set in $extra.
toString() public ¶
toString( )
Object-to-string conversion. Each class can override this method as necessary.
Returns
The name of this class