Simply record the steps here for later reference.
1. Introduce auth /app/Controller/AppController.php
Php code
class AppController extends Controller { public $components = array( 'Acl', 'Auth' => array( 'authorize' => array( 'Actions' => array('actionPath' => 'controllers') ) ), 'Session' ); public $helpers = array('Html', 'Form', 'Session'); public function beforeFilter() { //Configure AuthComponent $this->Auth->loginAction = array( 'controller' => 'users', 'action' => 'login' ); $this->Auth->logoutRedirect = array( 'controller' => 'users', 'action' => 'login' ); $this->Auth->loginRedirect = array( 'controller' => 'posts', 'action' => 'add' ); } }
2. Generate acl table
Bash code
./Console/cake schema create DbAcl
Add groups and users
Set up the Model file /app/Model/User.php
Php code
class User extends AppModel { public $belongsTo = array('Group'); public $actsAs = array('Acl' => array('type' => 'requester')); public function parentNode() { if (!$this->id && emptyempty($this->data)) { return null; } if (isset($this->data['User']['group_id'])) { $groupId = $this->data['User']['group_id']; } else { $groupId = $this->field('group_id'); } if (!$groupId) { return null; } return array('Group' => array('id' => $groupId)); } public function bindNode($user) { return array('model' => 'Group', 'foreign_key' => $user['User']['group_id']); } }
File/app/Model/Group.php
Php code
class Group extends AppModel { public $actsAs = array('Acl' => array('type' => 'requester')); public function parentNode() { return null; } }
Use bake to generate mvc files for Users and Groups, add groups and users, and generate aros data.
4. Use AclExtras to generate aco table data
Download AclExtras and install it in the /app/Plugin/ directory
Php code
//app/Config/boostrap.php // ... CakePlugin::load('AclExtras'); 利用bash命令生成可用的acos数据 Bash代码 ./Console/cake AclExtras.AclExtras aco_sync
5. Supplement login and logout
Php code
<!-- login.ctp --> <h2>Login</h2> <?php echo $this->Form->create('User', array( 'url' => array( 'controller' => 'users', 'action' => 'login' ) )); echo $this->Form->input('User.username'); echo $this->Form->input('User.password'); echo $this->Form->end('Login'); ?> ############分割线######## // action public function login() { if ($this->Session->read('Auth.User')) { $this->Session->setFlash('You are logged in!'); return $this->redirect('/'); } }
Php code
public function logout() { $this->redirect($this->Auth->logout()); }
6. ACO related
acos display using TreeBehavior
Php code
// /app/Model/Aco.php 文件 public $actsAs = array('Tree'); public $displayField = 'alias'; // 输出 $this->Aco->generateTreeList(null, null, null, ' ');
7. Permission allocation
Php code
public function initDB() { $group = $this->User->Group; // Allow admins to everything $group->id = 1; $this->Acl->allow($group, 'controllers'); // allow managers to posts and widgets $group->id = 2; $this->Acl->deny($group, 'controllers'); $this->Acl->allow($group, 'controllers/Posts'); $this->Acl->allow($group, 'controllers/Widgets'); // allow users to only add and edit on posts and widgets $group->id = 3; $this->Acl->deny($group, 'controllers'); $this->Acl->allow($group, 'controllers/Posts/add'); $this->Acl->allow($group, 'controllers/Posts/edit'); $this->Acl->allow($group, 'controllers/Widgets/add'); $this->Acl->allow($group, 'controllers/Widgets/edit'); // allow basic users to log out $this->Acl->allow($group, 'controllers/users/logout'); // we add an exit to avoid an ugly "missing views" error message echo "all done"; exit; }
8. Organizing
Php代码 /** * custom beforeFilter */ public function beforeFilter() { parent::beforeFilter(); $this->Auth->allow('XXX'); // $this->Auth->allow(); }