- CakePHP 1.3 Application Development Cookbook
- Mariano Iglesias
- 604字
- 2021-04-09 22:04:15
Even though CakePHP provides a very powerful access control layer, sometimes we just need to implement user roles without having to go into the details of specifying which role is allowed access to which action.
This recipe shows how to limit access to certain actions by role-using routing prefixes, which constitutes a perfect solution for simple role-based authentication. In order to accomplish this recipe, we will assume the need to add three user roles in our application: administrators, managers, and users.
We should have a working authentication system, so follow the recipe, Setting up a basic authentication system. The users table should also contain a field to hold the user's role (named role.) Add this field with the following SQL statement:
ALTER TABLE `users` ADD COLUMN `role` VARCHAR(255) DEFAULT NULL AFTER `password`;
- Edit your
app/config/core.phpfile and look for the line that defines theRouting.prefixessetting. If it is commented out, uncomment it. Then change it to:Configure::write('Routing.prefixes', array('admin', 'manager')); - Add the following code at the end of your
UsersControllerclass definition:public function dashboard() { $role = $this->Auth->user('role'); if (!empty($role)) { $this->redirect(array($role => true, 'action' => 'dashboard')); } } public function admin_dashboard() { } public function manager_dashboard() { } - Create a view for each of these actions, and put content into it to reflect which view is being rendered. Therefore, you would have to create three files:
app/views/users/admin_dashboard.ctpapp/views/users/manager_dashboard.ctpapp/views/users/dashboard.ctp
For example, the contents for
dashboard.ctpcould simply be:<p>Dashboard (User)</p>
- Edit your
app/controllers/app_controller.phpfile and change thecomponentsproperty declaration to include the following setting for theAuthcomponent:public $components = array( 'Auth' => array( 'authorize' => 'controller', 'loginRedirect' => array( 'admin' => false, 'controller' => 'users', 'action' => 'dashboard' ) ), 'Session' );
- While still editing your
AppControllerclass, change theisAuthorizedmethod and replace it entirely with the following:public function isAuthorized() { $role = $this->Auth->user('role'); $neededRole = null; $prefix = !empty($this->params['prefix']) ? $this->params['prefix'] : null; if ( !empty($prefix) && in_array($prefix, Configure::read('Routing.prefixes')) ) { $neededRole = $prefix; } return ( empty($neededRole) || strcasecmp($role, 'admin') == 0 || strcasecmp($role, $neededRole) == 0 ); } - Copy the default CakePHP layout file named
default.ctpfrom yourcake/libs/view/layoutsfolder to your application'sapp/views/layoutsfolder. While editing this layout, place the following code in theapp/views/layouts/default.ctplayout file, right where you want the link to the dashboard to appear.<?php $dashboardUrl = array('controller'=>'users', 'action'=>'dashboard'); if (!empty($user['role'])) { $dashboardUrl[$user['role']] = true; } echo $this->Html->link('My Dashboard', $dashboardUrl); ?>
CakePHP will recognize prefixes defined in the Routing.prefixes setting as part of the URL, when they are preceding a normal route. For example, if admin is a defined prefix, the route /admin/articles/index will translate to the admin_index action in ArticlesController.
Since we are utilizing the controller authentication scheme in the Auth configuration, we know that every time a user is trying to access a non-public action, AppController::isAuthorized() is executed, and inside the method we set true if the user has access, or false otherwise.
Knowing that, we can check to see if a prefix is being used when a controller action is about to be executed. If the current route being accessed includes a prefix, we can match that prefix against the user's role to make sure they have access to the requested resource.
We are able to link to a role-only resource just by prefixing it with the appropriate prefix in the route. For example, to link to the manager's dashboard, the URL would be:
array( 'manager' => true, 'controller' => 'users', 'action' => 'dashboard' );
- Expert Cube Development with Microsoft SQL Server 2008 Analysis Services
- Spring Python 1.1
- PPT 2016幻燈片設(shè)計與制作從入門到精通
- Vivado從此開始(進(jìn)階篇)
- 綁定的藝術(shù):Maya高級角色骨骼綁定技法(第2版)
- CryENGINE 3 Cookbook
- Power Query從入門到精通
- Premiere pro CC中文版自學(xué)視頻教程
- Illustrator CC 2018 基礎(chǔ)與實戰(zhàn)教程(全彩版)
- Illustrator CS6平面設(shè)計案例教程(微課版)
- Microsoft Silverlight 4 Data and Services Cookbook: LITE
- Network Administration with FreeBSD 7
- NetBeans IDE 7 Cookbook
- Photoshop CC中文版案例培訓(xùn)教程
- 3ds Max+VRay三維動畫完全實戰(zhàn)技術(shù)手冊