我有以下ARO树:
---------------------------------------------------------------
Aro tree:
---------------------------------------------------------------
[1] rental_registry_users
[2] rental_registry_admin
[3] User.1
[11] User.7
[4] rental_registry_owner
[5] User.3
[6] rental_registry_agent
[7] User.4
[8] User.5
[9] User.6
[10] rental_registry_management_company
创建新用户后,我想自动将它们添加到" rental_registry_admin' ARO。
这就是我的用户模型:
<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
/**
* User Model
*
*/
class User extends AppModel {
var $actAs = array('Acl' => array('type'=>'requester'));
/**
* Display field
*
* @var string
*/
public $displayField = 'username';
/**
* Validation rules
*
* @var array
*/
public $validate = array(
'username' => array(
'email' => array(
'rule' => array('email'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
'password' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
//'message' => 'Your custom message here',
//'allowEmpty' => false,
//'required' => false,
//'last' => false, // Stop validation after this rule
//'on' => 'create', // Limit validation to 'create' or 'update' operations
),
),
);
/**
* beforeSave method -- executed before model is comitted to the database
* @return true
*/
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}
public function parentNode() {
switch ($this->data[$this->alias]['role']) {
case 'admin':
return 'rental_registry_admin';
case 'owner':
return 'rental_registry_owner';
default:
case 'agent':
return 'rental_registry_agent';
}
}
}
但是,当保存新用户时,它们不会添加到ARO中。我错过了什么?此代码基于CakePHP书籍第285页上的示例。用户没有被添加到任何ARO中,因此不会将其分配给错误的ARO。
答案 0 :(得分:0)
最后,我改变了权限级别的处理方式。相反,我在用户表中添加了一个“角色”字段,并用它来确定控制器内的访问权限。