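My application runs on CakePHP and uses "LDAP" AD (Active Directory). I have integrated an admin panel with the routing prefix "admin", so I am putting the admin actions in the same controllers as the front-end actions. For example, UsersController has the actions login(), logout(), admin_login() and admin_logout(). AdminController has: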

    public function index() {
        // Send the visitor to the admin login or the dashboard, depending on the session
        $username = $this->Session->read('Admin.username');
        if (empty($username)) {
            $this->redirect(array('controller' => 'users', 'action' => 'login', 'admin' => true));
        } else {
            $this->redirect(array('action' => 'dashboard', 'admin' => true));
        }
    }

    public function admin_dashboard() {
        $this->loadModel('User');
        $this->loadModel('Group');
        $this->loadModel('News');
        $username = $this->Session->read('Admin.username');
        $group_id = $this->Session->read('Admin.group_id');
        // Deny unless an admin session exists (assumes group_id 1 is the admin group).
        // The comparison must not be an assignment ($group_id = 1), which is always true.
        if (empty($username) || $group_id != 1) {
            $this->Session->setFlash(__('You are not authorized to view this Page!!'), 'default', array('class' => 'alert alert-error'));
            $this->redirect(array('controller' => 'users', 'action' => 'index', 'admin' => true));
        }
        // Counts shown on the dashboard
        $users = $this->User->find('count', array('conditions' => array('User.group_id !=' => 1)));
        $groups = $this->Group->find('count');
        $news = $this->News->find('count', array('conditions' => array('News.expiry_date >= NOW()')));
        $this->set(compact('users', 'groups', 'news'));
    }

AppController is as follows:

    class AppController extends Controller {

        public $helpers = array('Paginator', 'Acl.AclHtml');

        public $components = array('Acl', 'Session',
            'Auth' => array(
                'authError' => 'You are not authorized to access that location.',
                'authorize' => array(
                    'Actions' => array(
                        'actionPath' => 'controllers')
                ),
                'controllers' => array('users')
            ));

        public function beforeFilter() {
            // LDAP: use the Ldap authenticator only when this server's IP is registered
            $server_ip = $_SERVER['SERVER_ADDR'];
            $ldapIp = ClassRegistry::init('LdapIp');
            $ldapIpCount = $ldapIp->find('count', array('conditions' => array('ldap_ip' => $server_ip)));
            if ($ldapIpCount >= 1) {
                $this->Auth->authenticate = array('Ldap');
            } else {
                $this->Auth->authenticate = array('Form');
            }
            // allow() with no arguments marks every action as public
            $this->Auth->allow();
            if (!$this->Auth->isAllow($this)) {
                $this->set(array(
                    'message' => array(
                        'text' => __('un aunthaticated request'),
                        'type' => 'error',
                        'status' => "401"
                    ),
                    '_serialize' => array('message')
                ));
                throw new ForbiddenException();
            }
        }
    }

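How can I redirect the admin to admin/admin_dashboard if he is logged in, and to users/admin_login if he is not, without checking in every controller action? Can we check this somewhere in beforeFilter() of AppController?

Please provide any suggestions, along with code to achieve this. I will be integrating the "alaxos ACL plugin 2.0" after this, so please suggest code that keeps this scenario in mind.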
Answer 0: (score: 0)

I used the prefix 'admin' [if ($this->params['prefix'] == 'admin')] for my project; in your case, change it to the controller:

    public function beforeFilter() {
        // ....
        // Configure AuthComponent
        if ($this->params['controller'] == 'admin') {
            // Where unauthenticated requests are sent
            $this->Auth->loginAction = array(
                'controller' => 'users',
                'action' => 'admin_login',
            );
            // Where the user lands after logging out
            $this->Auth->logoutRedirect = array(
                'controller' => 'users',
                'action' => 'admin_login',
            );
            // Where the user lands after a successful login
            $this->Auth->loginRedirect = array(
                'controller' => 'admin',
                'action' => 'dashboard',
            );
        }
        // ....
    }

I think you should use the prefix 'admin'.

More info: Admin Prefix
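
A default-deny variant of the approach in the answer above, as an added example that is not part of the original posts: the login redirects are chosen by routing prefix in one place, and the admin check runs centrally instead of inside each action. It swaps the question's Actions (ACL) authorizer for ControllerAuthorize, and assumes CakePHP 2.x, that the logged-in user record carries group_id, and that group 1 is the admin group.

```php
<?php
// Added example, not the asker's or answerer's code.
// Assumptions: CakePHP 2.x, 'admin' routing prefix, group_id 1 = admin group.
App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array(
        'Session',
        'Auth' => array(
            'authError' => 'You are not authorized to access that location.',
            // ControllerAuthorize calls isAuthorized() for every non-public action
            'authorize' => array('Controller'),
        ),
    );

    // True when the current request was routed through the 'admin' prefix
    protected function _isAdminRequest() {
        return isset($this->request->params['prefix'])
            && $this->request->params['prefix'] === 'admin';
    }

    public function beforeFilter() {
        if ($this->_isAdminRequest()) {
            // Unauthenticated admin requests go to users/admin_login,
            // and a successful admin login lands on admin/admin_dashboard
            $login = array('controller' => 'users', 'action' => 'login', 'admin' => true);
            $this->Auth->loginAction = $login;
            $this->Auth->logoutRedirect = $login;
            $this->Auth->loginRedirect = array(
                'controller' => 'admin', 'action' => 'dashboard', 'admin' => true
            );
        }
        // Only the login actions are public. Calling allow() with no
        // arguments would make every action public and bypass the checks.
        $this->Auth->allow('login', 'admin_login');
    }

    // Central authorization: admin_* actions require the admin group
    public function isAuthorized($user) {
        if ($this->_isAdminRequest()) {
            return isset($user['group_id']) && (int)$user['group_id'] === 1;
        }
        return true; // any authenticated user may reach non-admin actions
    }
}
```

The Ldap/Form authenticator selection from the question can stay at the top of beforeFilter() unchanged; controllers that override beforeFilter() must call parent::beforeFilter() for these rules to apply.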