拒绝特定用户和未登录用户访问管理员路由

时间:2014-07-10 17:17:22

标签: cakephp

我有两个组 ID:

组1 =>管理员

组2 =>用户

我正在寻找一种方法来拒绝非管理员用户(即第2组用户以及未登录的用户)的访问权限。isAuthorized 函数不起作用,我的意思是它总是返回 true,我不知道为什么。感谢帮助。

<?php

App::uses('Controller', 'Controller');

class AppController extends Controller {
    /**
     * Components loaded for every controller. Auth is wired to the
     * "Actions" authorize adapter (ACL-backed), keyed on the controllers ACO path.
     */
    public $components = array(
        'Acl',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers'),
            ),
        ),
        'Session',
    );

    /**
     * Helpers available in every view.
     */
    public $helpers = array('Html', 'Form', 'Session');

    /**
     * Configures AuthComponent redirects and selects the layout from the routing prefix.
     *
     * @return void
     */
    public function beforeFilter() {
        parent::beforeFilter();

        // Login page doubles as the post-logout destination.
        $usersLogin = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginAction = $usersLogin;
        $this->Auth->logoutRedirect = $usersLogin;
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'home');

        // Admin-prefixed requests render with the "admin" layout, all others with "default".
        $params = $this->request->params;
        $isAdminPrefix = isset($params["prefix"]) && $params["prefix"] == "admin";
        $this->layout = $isAdminPrefix ? "admin" : "default";
    }

    /**
     * Grants access only to admin-prefixed requests made by a user whose group_id is 1.
     *
     * NOTE(review): AuthComponent only consults a controller's isAuthorized() through
     * the "Controller" authorize adapter; with only "Actions" configured above this
     * method is presumably never what decides access — confirm against AuthComponent.
     *
     * @return bool
     */
    public function isAuthorized() {
        parent::isAuthorized();
        $params = $this->request->params;
        if (!isset($params["prefix"]) || $params["prefix"] != "admin") {
            return false;
        }
        // Strict comparison: a group_id held in the session as the string "1" does not match.
        return $this->Auth->user('group_id') === 1;
    }

}

PagesController

<?php
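class PagesController extends AppController {

/**
 * This controller does not use a model
 *
 * @var array
 */
    public $uses = array();

/**
 * Opens every action of this controller to unauthenticated users.
 *
 * allow() with no arguments also covers admin_index, so any admin-only
 * restriction has to be re-applied separately for the admin prefix.
 *
 * @return void
 */
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow();
    }

/**
 * Displays a view
 *
 * @param mixed What page to display
 * @return void
 * @throws ForbiddenException When a path segment is '.' or '..'
 * @throws NotFoundException When the view file could not be found
 *  or MissingViewException in debug mode.
 */
    public function display() {
        $path = func_get_args();

        $count = count($path);
        if (!$count) {
            return $this->redirect('/');
        }
        // The segments come straight from the URL and are joined into a view
        // name below; refuse relative segments so the lookup stays inside the
        // Pages view directory.
        if (in_array('..', $path, true) || in_array('.', $path, true)) {
            throw new ForbiddenException();
        }
        $page = $subpage = $title_for_layout = null;

        if (!empty($path[0])) {
            $page = $path[0];
        }
        if (!empty($path[1])) {
            $subpage = $path[1];
        }
        if (!empty($path[$count - 1])) {
            $title_for_layout = Inflector::humanize($path[$count - 1]);
        }
        $this->set(compact('page', 'subpage', 'title_for_layout'));

        try {
            $this->render(implode('/', $path));
        } catch (MissingViewException $e) {
            // Surface the missing view while debugging; otherwise a plain 404.
            if (Configure::read('debug')) {
                throw $e;
            }
            throw new NotFoundException();
        }
    }

/**
 * Admin dashboard; reached through the admin prefix once 'admin' is listed
 * in Routing.prefixes.
 *
 * @return void
 */
    public function admin_index() {
        $title_for_layout = 'Dashboard';
        $this->set(compact('title_for_layout'));
    }

}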

路由

 */
    // Site root renders the static "home" page through PagesController::display().
    Router::connect('/', array('controller' => 'pages', 'action' => 'display', 'home'));
/**
 * ...and connect the rest of 'Pages' controller's urls.
 */
    Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
    // NOTE(review): '/admin' is routed to the 'index' action with 'admin' => true;
    // presumably this resolves to admin_index only once 'admin' is in
    // Routing.prefixes — verify, since otherwise the prefix is not recognised.
    Router::connect('/admin', array('controller' => 'pages', 'action' => 'index', 'admin' => true));

1 个答案:

答案 0 :(得分:2)

要让 admin_ 这类带前缀的操作被自动识别为前缀路由,您需要在 core.php 文件中添加以下行:

Configure::write('Routing.prefixes', array('admin'));

然后,PagesController::admin_index 操作就可以通过 /admin/pages/index 访问,而不是 /pages/admin_index;此时 admin 参数会被设置为 true,因此您可以用 $this->params['admin'] 进行检查(见下面的代码)。

实际上,CakePHP 默认拒绝所有路由,但您在 PagesController 的 beforeFilter 中调用了 $this->Auth->allow(),这会允许该控制器的所有操作,因此您需要为 admin 添加例外。

要做到这一点,请在 AppController 中这样写:

<?php

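class AppController extends Controller {

    /**
     * Auth settings are declared with the component; the "Controller" authorize
     * adapter is what makes AuthComponent call isAuthorized() below.
     * (Array elements are comma-separated; the original used ';', which does not parse.)
     */
    public $components = array(
        'Auth' => array(
            'loginAction' => array('controller' => 'users', 'action' => 'login'),
            'loginRedirect' => array('controller' => 'pages', 'action' => 'home'),
            'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
            'authorize' => array('Controller'),
        ),
    );

    /**
     * Allows every action to anonymous users except admin-prefixed ones,
     * which require a login and then pass through isAuthorized().
     *
     * @return void
     */
    public function beforeFilter() {
        parent::beforeFilter();
        // Allow everything to not logged user except admin pages
        if (!empty($this->params["admin"])) {
            $this->Auth->deny();
        } else {
            $this->Auth->allow();
        }
    }

    /**
     * Admin-prefixed requests are limited to users in group 1; everything else
     * falls back to the parent decision.
     *
     * @return bool
     */
    public function isAuthorized() {
        if (!empty($this->params["admin"])) {
            // Strict comparison: if group_id reaches the session as the string "1"
            // this fails closed (denies admins); normalise the type if that happens.
            return $this->Auth->user('group_id') === 1;
        }
        // NOTE(review): confirm the base Controller actually defines isAuthorized();
        // if it does not, return false here rather than calling the parent.
        return parent::isAuthorized();
    }

}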