CakePHP Auth ACL

时间:2011-04-07 12:20:50

标签: cakephp acl authentication

我从CakePHP开始,只想使用访问控制列表(ACL)

我找到了一个教程,但我无法解决这个问题 我想要两个具有不同权限的组。

管理员可以注册新用户。 用户只能登录并查看他们的个人资料。

我认为这很简单,但我无法得到逻辑 我希望你可以帮助我,这真的令人沮丧......:P

数据库 用户     id - 主要     用户名 - 唯一     密码     GROUP_ID 组     id - 主要     名字 - 唯一

模型类USER 

<?php  
class User extends AppModel { 
    var $name = 'User'; 
    var $displayField = 'username'; 
    var $belongsTo = array( 
        'Group' => array( 
            'className' => 'Group', 
            'foreignKey' => 'group_id' 
        ) 
    ); 
} 
?>

模型类GROUP 

<?php  
class Group extends AppModel { 
    var $name = 'Group'; 
    var $displayField = 'name'; 

    var $hasMany = array( 
        'User' => array( 
            'className' => 'User', 
            'foreignKey' => 'group_id', 
            'dependent' => false 
        ) 
    ); 

} 
?>

控制器类AppController 

<?php  
class AppController extends Controller { 

    var $components = array('Auth', 'RequestHandler');  
    var $permissions = array(); 

    function beforeFilter() { 
        $this->Auth->fields  = array( 
            'username'=>'username', //The field the user logs in with (eg. username) 
            'password' =>'password' //The password field 
        ); 
        $this->Auth->authorize = 'controller'; 
        $this->Auth->autoRedirect = false; 
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); 
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login'); 
        $this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'welcome'); 

    } 

    function isAuthorized(){ 
        if($this->Auth->user('group') == 'admin') return true; //Remove this line if you don't want admins to have access to everything by default
        if(!empty($this->permissions[$this->action])){ 
            if($this->permissions[$this->action] == '*') return true; 
            if(in_array($this->Auth->user('group'), $this->permissions[$this->action])) return true; 
        } 
        return false; 

    } 

} 
?>

控制器类UsersController 

<?php  
class UsersController extends AppController { 

    var $name = 'Users'; 
    var $helpers = array('Html', 'Form'); 
    var $permissions = array( 
        'logout' => '*', 
        'welcome' => '*' 
    ); 

    function welcome(){ 
    } 

    function login(){ 
        if($this->Auth->user()){ 
            $this->Session->write('Auth.User.group', $this->User->Group->field('name',array('id' => $this->Auth->user('group_id')))); 
            $this->redirect($this->Auth->redirect()); 
        } 
    } 

    function logout(){ 
        $this->redirect($this->Auth->logout()); 
    } 

    function registerusers(){
   //  Only for administrators.. how can I set this permission?
    }

    // Add whatever user logic methods you'd like here as well (eg. add/edit/delete users) 
?>

2 个答案:

答案 0 :(得分:1)

anddevelop,

从快速回顾中,我倾向于说你混淆了一些事情,例如:缺少$actsAs,还添加了其他一些内容。您应该阅读官方教程here,因为这样可以提供您所要求的内容。

鼓励的话:如果你仔细检查教程,你就会成功。只需从一个新的CakePHP环境中尝试它。

答案 1 :(得分:0)

您是否按照CakePHP Manual中的说明创建了ACL表(arosacos)?

如果您按照该教程进行操作,您将看到设置正确结构所需的内容,以确定哪些用户(或组)可以执行哪些操作。

相关问题
最新问题