ACL,ARO和ACO,如果有新的部分如何更新它们?
如果我在网站中添加了一个部分,我试图了解如何使用 ARO 和 ACO。
CakePHP 指南清楚地说明了 ACL 的概念如何工作,但没有说明如何在代码中实现它。就我个人而言,我发现本教程的所有部分都非常不清楚如何在 CakePHP 框架内使用它们。它似乎是 CakePHP 框架中最不友好的部分。
现在,当我进入我创建的新部分时,我收到此错误,并且我不明白如何修复它。
Warning (512): DbAcl::check() - Failed ARO/ACO node lookup in permissions check. Node references:
Aro: Array
(
[User] => Array (
[id] => 1
[username] => vittorio
[group_id] => 1
[created] => 2011-03-30 10:51:23
[modified] => 2011-03-30 10:51:23
[viewable] => 0
)
)
Aco: controllers/Works/index [CORE/cake/libs/controller/components/acl.php, line 273]
如果我看
http://book.cakephp.org/view/647 /用于创建 ACO 的自动化工具
以及
http://book .cakephp.org/view/996/Creating-Components#!/view/1548/Creating-ACOs-Access-Control-Objects
我应该得到答案,但是如果我运行此代码调用 url mysite.com/build_acl 再次我只收到这些错误:
Missing Controller
Error: BuildAclController could not be found.
Error: Create the class BuildAclController below in file: app/controllers/build_acl_controller.php
<?php
class BuildAclController extends AppController {
var $name = 'BuildAcl';
}
?>
Notice: If you want to customize this error message, create app/views/errors/missing_controller.ctp
是否存在一个谈论 ACL、ARO 和 ACO 的体面指南以及如何在 CakePHP 上实现它们而不让读者迷失?
I'm trying to understand how use AROs and ACOs if I've added a section in my site.
The CakePHP guide is clear on how the concept of ACL works, but not on how it should be implemented in the code. Personally I've found all the part of the tutorial very unclear on how they should be used inside CakePHP framework. It seems to be most unfriendly part of CakePHP framework.
Now when I go in new sections I've created, I get this error, and I don't understand how I could fix it.
Warning (512): DbAcl::check() - Failed ARO/ACO node lookup in permissions check. Node references:
Aro: Array
(
[User] => Array (
[id] => 1
[username] => vittorio
[group_id] => 1
[created] => 2011-03-30 10:51:23
[modified] => 2011-03-30 10:51:23
[viewable] => 0
)
)
Aco: controllers/Works/index [CORE/cake/libs/controller/components/acl.php, line 273]
If I look on
http://book.cakephp.org/view/647/An-Automated-tool-for-creating-ACOs
and on
http://book.cakephp.org/view/996/Creating-Components#!/view/1548/Creating-ACOs-Access-Control-Objects
I should get the answers, but if I run this code calling the url mysite.com/build_acl again I only get these errors:
Missing Controller
Error: BuildAclController could not be found.
Error: Create the class BuildAclController below in file: app/controllers/build_acl_controller.php
<?php
class BuildAclController extends AppController {
var $name = 'BuildAcl';
}
?>
Notice: If you want to customize this error message, create app/views/errors/missing_controller.ctp
Does exist a decent guide who talks about ACL, AROs and ACOs and how to implement them on CakePHP without leave the reader lost?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
Vittorio
恕我直言, ,ACL 和 AUTH 组合起来是一个非常通用的工具。第一次让它工作让我很恼火。我一遍又一遍地看到的主要错误是:
build_acl。ACL节点作为输出上一步)具有适当的访问权限
权利。
app_controller继承的每个控制器中调用parent::beforeFilter()(因为关键设置通常驻留在此方法中)。重新发明轮子:在基本功能 Auth+Acl 之后 教程,查看 sourceforge 和 github 上的插件。
不是重新发明轮子^^,据我所知,完美的AUTH+ACL管理插件尚未编写(但可用的代码确实存在)
祝您旅途愉快,本杰明。
编辑0
基本的代码卫生会有所帮助,例如,如果您允许用户作为请求对象并允许操作作为受控对象,则将
build_acl()写入 users_controller 中是有意义的,后面紧跟例如init_db(),您可以在其中集中设置访问权限。不要忘记在投入生产之前删除这些黑客行为,即使再次设置正确的访问权限不会造成太大伤害,但想象一下如果约翰·多伊和朋友一直运行此功能,他们会对您的应用程序做什么 Ü
Vittorio,
with due respect, ACL and AUTH combined are a very generic tool. Getting it to work for the first time annoyed me quite a bit. The main errors, which I keep seeing over and over again are:
build_aclafter one or more new actions has been created.ACLnodes as output ofthe previous step) with proper access
rights.
parent::beforeFilter()in every controller who inherits from parentapp_controller(as often crucial settings reside in this method).Reinventing the wheel: After a basic functioning Auth+Acl tutorial, check out the plugins on sourceforge and github.
Not reinventing the wheel ^^, afaik the perfect AUTH+ACL management plugin is yet to be written (but useable code does exist)
Good journey, Benjamin.
Edit0
Basic code hygiene helps, e.g. if you allow users as requesting objects and actions as controlled objects, it makes sense to write the
build_acl()into the users_controller, directly followed by, e.g.init_db(), where you centralize settings access rights.Do not forget to remove these hacks before going into production, even though setting correct access rights again would not hurt much, but imagine what john doe and friends do to your app if they run this function all the time Ü
您必须在控制器的任何操作中运行 build_acl ,您不能像引用没有控制器的操作那样调用它。至少你可以尝试这样
或者在app_controller的beforeFilter方法中运行它,例如
当然函数本身必须在app_controller中声明。
you must run build_acl in any action of your controller, you can't call it like that you're referring to an action without controller. at least you can try like this
or run it in app_controller's beforeFilter method e.g.
of course the function itself must be declared in app_controller.