Plugin that extends the functionality of AclComponent by caching all access permissions at login, and provides special functions and a helper for handling links.
Compatible with CakePHP v 1.3
- Loads all permissions at login, so users must log out and log in again for new access definitions to take effect. However, this disadvantage can be "reversed" with the special function checkDB() in this plugin.
- Loads all permissions at login, avoiding excessive database queries;
- Can be called from the controller or the view;
- It has special functions such as checkIfOne(), checkIfAll() and checkDB();
- It has the AclHtml helper, which displays links only to users with permission.
If you want to start a new project with ACL_Caching, see this tutorial: http://pedroelsner.com/2011/07/controle-de-acesso-a-nivel-grupo-usuario-no-cakephp/
Download the plugin and place its contents inside /app/plugins/acl_caching or another CakePHP plugins directory.
Edit the file /app/app_controller.php:

    var $components = array(
        'Auth',
        'Session',
        'RequestHandler',
        'AclCaching.AclCaching' => array(
            'use' => array(
                'contain' => false
            ),
            'aro' => array(
                'model' => 'Group',
                'primaryKey' => 'id',
                'displayField' => 'name',
                'foreignKey' => 'group_id'
            )
        )
    );

    var $helpers = array(
        'Session',
        'AclCaching.AclHtml'
    );

Settings parameters:
- contain: If you have set recursive to -1 on all models, set this to TRUE;
- model: Enter the model name of the groups;
- primaryKey: Enter the field name;
- displayField: Enter the field name;
- foreignKey: Enter the name of the field that appears in the users table.
To set the permission rules for the user groups, go to http://seusite.com/admin/acl_caching/acl/
You can call the plugin's functions in controllers using $this->Acl or $this->AclCaching. You can also call them in views through the variables $Acl and $AclCaching.
check() checks whether the logged-in user may access a URL.

    /**
     * Controller
     */
    if ($this->AclCaching->check(null, array('controller' => 'usuarios', 'action' => 'admin_index'))) {
        // Has permission
    }

    /**
     * View
     */
    if ($AclCaching->check(null, array('controller' => 'usuarios', 'action' => 'admin_index'))) {
        // Has permission
    }

checkIfOne() checks whether the logged-in user may access at least one of the URLs.

    $urls = array(
        array(
            'controller' => 'groups',
            'action' => 'admin_add'
        ),
        array(
            'controller' => 'acl',
            'action' => 'admin_index',
            'plugin' => 'acl_caching'
        )
    );

    /**
     * Controller
     */
    if ($this->AclCaching->checkIfOne(null, $urls)) {
        // Has permission
    }

    /**
     * View
     */
    if ($AclCaching->checkIfOne(null, $urls)) {
        // Has permission
    }

checkIfAll() checks whether the logged-in user may access ALL the URLs.

    $urls = array(
        array(
            'controller' => 'groups',
            'action' => 'admin_add'
        ),
        array(
            'action' => 'admin_delete'
        )
    );

    /**
     * Controller
     */
    if ($this->AclCaching->checkIfAll(null, $urls)) {
        // Has permission
    }

    /**
     * View
     */
    if ($AclCaching->checkIfAll(null, $urls)) {
        // Has permission
    }

checkDB() checks the access permission of a particular user for a specific URL directly in the database.
Because the plugin writes the access permissions to a session variable at login, you can use this function to force the system to check the permission against the database.

    /**
     * Controller
     */
    if ($this->AclCaching->checkDB(array('Model' => 'Usuario', 'foreignKey' => 2), array('action' => 'admin_index'))) {
        // Has permission
    }

    /**
     * View
     */
    if ($AclCaching->checkDB(array('Model' => 'Usuario', 'foreignKey' => 2), array('action' => 'admin_index'))) {
        // Has permission
    }

When using Auth and ACL, we allow access to all actions of the system with the function $this->Auth->allow("*"). With the ACL_Caching plugin, use $this->AclCaching->forceAllow() instead.
Calling this function turns off the entire permission system, freeing access to all actions of the system and displaying all AclHtml helper links:

    // Allow ALL
    $this->AclCaching->forceAllow();

flushCache() deletes the session that holds the access permissions. The plugin automatically reloads all the permissions the next time the function check() is called.

    // Controller
    $this->AclCaching->flushCache();

    // View
    $AclCaching->flushCache();

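Because permissions are read from the session after login, a revoked permission stays usable until the user logs out. One way to close that window for sensitive actions is to re-check them with checkDB() in beforeFilter(), shown here as an added example that is not part of the plugin. The `$verifyInDb` list is hypothetical, `Usuario` is the user model name taken from the checkDB() example above, and passing a `controller` key to checkDB() is assumed to work as it does for check().

```php
<?php
// /app/app_controller.php (added example, not the plugin's own code)
class AppController extends Controller {

    // Assumes the components are configured as shown in the installation step.
    var $components = array('Auth', 'Session', 'AclCaching.AclCaching');

    // Hypothetical list: actions that must never rely on the session cache.
    var $verifyInDb = array('admin_add', 'admin_edit', 'admin_delete');

    function beforeFilter() {
        parent::beforeFilter();

        $userId = $this->Auth->user('id');
        $action = $this->params['action'];

        // Anonymous requests and ordinary actions keep the cached behaviour.
        if (!$userId || !in_array($action, $this->verifyInDb)) {
            return;
        }

        // ARO in the format used by the checkDB() example on this page.
        $aro = array('Model' => 'Usuario', 'foreignKey' => $userId);
        $url = array(
            'controller' => $this->params['controller'],
            'action' => $action
        );

        if (!$this->AclCaching->checkDB($aro, $url)) {
            // The cached copy is stale: drop it so the next check() reloads
            // the current permissions, then refuse the request.
            $this->AclCaching->flushCache();
            $this->Session->setFlash(__('You no longer have permission to do that.', true));
            $this->redirect('/');
        }
    }
}
```

Each listed action costs one extra database lookup per request, so keep the list to actions where a stale grant would matter.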
The AclHtml helper is designed simply to hide links that the user does not have permission to access.
Suppose we have the link Add New Post and we want to show it only to users with permission to add posts. In that case we use the helper AclHtml instead of Html.

    // Link only appears if user has permission
    $this->AclHtml->link(
        __('Add New Post', true),
        array(
            'controller' => 'posts',
            'action' => 'add',
            'admin' => true
        )
    );

There may be situations where you want to display only the text Add New Post when the user does not have permission to access the link (instead of displaying nothing). For this, set show to true.

    // If the user has permission displays the link, if not, displays only the text
    $this->AclHtml->link(
        __('Add New Post', true),
        array(
            'controller' => 'posts',
            'action' => 'add',
            'admin' => true
        ),
        array(
            'show' => true // display text
        )
    );

Copyright 2011, Pedro Elsner (http://pedroelsner.com/)
Licensed under Creative Commons 3.0 (http://creativecommons.org/licenses/by/3.0/)