CakePHP group-based permissions

Posted on 2024-10-11 17:19:13

I would like to have group based restrictions that would allow users to access only specified parts of the web. I am new to the whole ACL stuff and I didn't quite get it from the manual :/ therefore I would like to ask some questions.

But before any questions, my routes look like this:

Router::connect('/', array('controller' => 'users', 'action' => 'login'));
Router::connect('/admin/:controller/:action/*', array('prefix' => 'admin', 'admin' => true));
Router::connect('/registered/:controller/:action/*', array('prefix' => 'registered', 'registered' => true));

1.) How do I restrict users from any other group than Administrator to access ONLY the /registered/ part of the web

2.) How do I prevent anyone from using the default addresses like www.example.com/users/add on a global scale (I want only www.example.com/admin/users/add or www.example.com/registered/users/add type of addresses)? This kind of address is not even set in the routes.php but they still work.

Any answers appreciated

Comments (2)

神爱温柔 2024-10-18 17:19:13

Firstly, is this Cake 1.3 or 1.2?
In 1.3 prefix routing is used. You can set up multiple prefixes; for example, right now I am developing a site that requires administrator control through admin/controller/action and I am also restricting some areas to only registered users, for example /users/controller/action.

This is relatively easy to do; the first step is to set up prefixes in your core.php:

Configure::write('Routing.prefixes', array('admin', 'registered'));

It is documented here:
http://book.cakephp.org/view/950/Prefix-Routing

The Auth component can take care of everything else here. You can use ACL and so on, but I haven't looked too far into this because it seems overcomplicated for the things I am creating at the moment.

A tutorial I found helpful was Andrew Perkins' auth component tutorial on YouTube when I was learning how to do this.
youtube.com/watch?v=FjXAnizmR94

There are 3 parts, and he explains things well.

Best of luck!

心房的律动 2024-10-18 17:19:13

Ok, so this is a working solution. (/app/app_controller.php)

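function beforeFilter() {
        if (isset($this->params['admin'])) {
            // Admin prefix: look up the Administrator group (the UserGroup model must be loaded here)
            $admin_grp = $this->UserGroup->find('first', array(
                'conditions' => array(
                    'UserGroup.name' => 'Administrator')));
            $group_id = $this->Auth->user('user_group_id');
            // Deny when not logged in or when the group lookup fails; otherwise the
            // loose != below would compare null with null and let the request through
            if (empty($admin_grp) || empty($group_id) || $group_id != $admin_grp['UserGroup']['id']) {
                $this->Session->setFlash(__('Access denied.', true));
                $this->redirect("/registered");
            } else {
                $this->layout = 'admin';
            }
        } else if (isset($this->params['registered'])) {
            // Registered prefix: any logged-in user may pass
            if (!$this->Auth->user()) {
                $this->Session->setFlash(__('Access denied. You need to login first.', true));
                $this->redirect("/users/login");
            }
            $this->layout = 'registered';
        } else {
            // No prefix: this branch only sets the layout
            $this->layout = 'default';
        }
}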
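
The following is an added example, not code from either answer or from CakePHP itself. It puts the access rules from both questions into one fail-closed decision function in plain PHP, including the refusal of non-prefixed URLs that question 2 asks about. It assumes `$params` has the same shape as `$this->params` with the `prefix` key set by the asker's routes; `decideAccess()`, `$PUBLIC_ACTIONS`, the result strings and the group ids are hypothetical.

```php
<?php
// Added example: fail-closed access decision for the admin/registered prefixes.
// $params mimics CakePHP 1.3's $this->params; $user is the session user array or null.
// decideAccess(), $PUBLIC_ACTIONS and the sample data below are hypothetical.

// Non-prefixed actions that must stay reachable (the '/' route maps to users/login).
$PUBLIC_ACTIONS = array('users/login', 'users/logout');

function decideAccess(array $params, $user, $adminGroupId, array $publicActions) {
    $prefix = isset($params['prefix']) ? $params['prefix'] : null;
    $target = $params['controller'] . '/' . $params['action'];

    if ($prefix === null) {
        // Question 2: default /controller/action URLs are refused unless whitelisted.
        return in_array($target, $publicActions, true) ? 'allow' : 'not_found';
    }
    if (empty($user)) {
        return 'login_required';   // every prefixed area needs a logged-in user
    }
    if ($prefix === 'registered') {
        return 'allow';            // any logged-in group, Administrator included
    }
    if ($prefix === 'admin') {
        // Fail closed: a missing group id on either side never counts as a match.
        $gid = isset($user['user_group_id']) ? $user['user_group_id'] : null;
        $ok = !empty($adminGroupId) && !empty($gid)
            && (string)$gid === (string)$adminGroupId;
        return $ok ? 'allow' : 'forbidden';
    }
    return 'not_found';            // unknown prefix
}

// Constructed sample requests (group id 1 = Administrator, 2 = ordinary member).
$member = array('user_group_id' => 2);
$admin  = array('user_group_id' => 1);
$cases = array(
    array(array('controller' => 'users', 'action' => 'add'), null),
    array(array('controller' => 'users', 'action' => 'login'), null),
    array(array('prefix' => 'registered', 'controller' => 'users', 'action' => 'add'), null),
    array(array('prefix' => 'registered', 'controller' => 'users', 'action' => 'add'), $member),
    array(array('prefix' => 'admin', 'controller' => 'users', 'action' => 'add'), $member),
    array(array('prefix' => 'admin', 'controller' => 'users', 'action' => 'add'), $admin),
);
foreach ($cases as $c) {
    list($params, $user) = $c;
    $label = (isset($params['prefix']) ? $params['prefix'] . '/' : '')
        . $params['controller'] . '/' . $params['action'];
    echo $label, ' => ', decideAccess($params, $user, 1, $PUBLIC_ACTIONS), "\n";
}
```

In an AppController `beforeFilter()`, each returned string would map to a redirect or an error page.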