mirror of
https://github.com/Oreolek/aacl.git
synced 2024-04-26 22:19:33 +03:00
Reverted renaming
This commit is contained in:
parent
6ab2e7479d
commit
3b6436a70c
|
@ -1,4 +1,4 @@
|
||||||
CREATE TABLE IF NOT EXISTS `acl` (
|
CREATE TABLE IF NOT EXISTS `aacl` (
|
||||||
`id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
|
`id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
|
||||||
`role_id` INT(10) UNSIGNED DEFAULT NULL,
|
`role_id` INT(10) UNSIGNED DEFAULT NULL,
|
||||||
`resource` VARCHAR(255) DEFAULT NULL,
|
`resource` VARCHAR(255) DEFAULT NULL,
|
||||||
|
@ -6,4 +6,4 @@ CREATE TABLE IF NOT EXISTS `acl` (
|
||||||
`condition` VARCHAR(255) DEFAULT NULL,
|
`condition` VARCHAR(255) DEFAULT NULL,
|
||||||
PRIMARY KEY (`id`),
|
PRIMARY KEY (`id`),
|
||||||
KEY `role_id` (`role_id`)
|
KEY `role_id` (`role_id`)
|
||||||
) ENGINE=INNODB;
|
) ENGINE=INNODB;
|
|
@ -1,22 +1,22 @@
|
||||||
<?php defined('SYSPATH') or die ('No direct script access.');
|
<?php defined('SYSPATH') or die ('No direct script access.');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Another ACL
|
* Another AACL
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses ORM
|
* @uses ORM
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class ACL {
|
class AACL {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* All rules that apply to the currently logged in user
|
* All rules that apply to the currently logged in user
|
||||||
*
|
*
|
||||||
* @var array contains Model_ACL_Rule objects
|
* @var array contains Model_AACL_Rule objects
|
||||||
*/
|
*/
|
||||||
protected static $_rules;
|
protected static $_rules;
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ class ACL {
|
||||||
* @param string $resource resource identifier [optional]
|
* @param string $resource resource identifier [optional]
|
||||||
* @param string $action action [optional]
|
* @param string $action action [optional]
|
||||||
* @param string $condition condition [optional]
|
* @param string $condition condition [optional]
|
||||||
* @throws ACL_Exception
|
* @throws AACL_Exception
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public static function grant($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
|
public static function grant($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
|
||||||
|
@ -53,19 +53,19 @@ class ACL {
|
||||||
if ( ! is_null($role))
|
if ( ! is_null($role))
|
||||||
{
|
{
|
||||||
// Normalize $role
|
// Normalize $role
|
||||||
$role = ACL::normalize_role($role);
|
$role = AACL::normalize_role($role);
|
||||||
|
|
||||||
// Check role exists
|
// Check role exists
|
||||||
if ( ! $role->loaded())
|
if ( ! $role->loaded())
|
||||||
{
|
{
|
||||||
throw new ACL_Exception('Unknown role :role passed to ACL::grant()',
|
throw new AACL_Exception('Unknown role :role passed to AACL::grant()',
|
||||||
array(':role' => $role->name));
|
array(':role' => $role->name));
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create rule
|
// Create rule
|
||||||
ACL::create_rule(
|
AACL::create_rule(
|
||||||
array(
|
array(
|
||||||
'role_id' => $role,
|
'role_id' => $role,
|
||||||
'resource' => $resource,
|
'resource' => $resource,
|
||||||
|
@ -87,7 +87,7 @@ class ACL {
|
||||||
*/
|
*/
|
||||||
public static function revoke($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
|
public static function revoke($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
|
||||||
{
|
{
|
||||||
$model = ORM::factory('ACL_Rule');
|
$model = ORM::factory('AACL_Rule');
|
||||||
|
|
||||||
if (is_null($role))
|
if (is_null($role))
|
||||||
{
|
{
|
||||||
|
@ -96,7 +96,7 @@ class ACL {
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
// Normalize $role
|
// Normalize $role
|
||||||
$role = ACL::normalize_role($role);
|
$role = AACL::normalize_role($role);
|
||||||
|
|
||||||
// Check role exists
|
// Check role exists
|
||||||
if ( ! $role->loaded())
|
if ( ! $role->loaded())
|
||||||
|
@ -136,17 +136,17 @@ class ACL {
|
||||||
* Method, that allows to check any rule from database in any place of project.
|
* Method, that allows to check any rule from database in any place of project.
|
||||||
* Works with string presentations of resources, actions, roles and conditions
|
* Works with string presentations of resources, actions, roles and conditions
|
||||||
*
|
*
|
||||||
* @param ACL_Resource $resource
|
* @param AACL_Resource $resource
|
||||||
* @param string $action
|
* @param string $action
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public static function access(ACL_Resource $resource, $action = NULL)
|
public static function access(AACL_Resource $resource, $action = NULL)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
ACL::check($resource, $action);
|
AACL::check($resource, $action);
|
||||||
}
|
}
|
||||||
catch (ACL_Exception $e)
|
catch (AACL_Exception $e)
|
||||||
{
|
{
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
@ -158,21 +158,21 @@ class ACL {
|
||||||
* Checks user has permission to access resource
|
* Checks user has permission to access resource
|
||||||
* works with unauthenticated users (role_id = NULL)
|
* works with unauthenticated users (role_id = NULL)
|
||||||
*
|
*
|
||||||
* @param ACL_Resource $resource ACL_Resource object being requested
|
* @param AACL_Resource $resource AACL_Resource object being requested
|
||||||
* @param string $action action identifier [optional]
|
* @param string $action action identifier [optional]
|
||||||
* @throws ACL_Exception_401 To identify permission or authentication failure
|
* @throws AACL_Exception_401 To identify permission or authentication failure
|
||||||
* @throws ACL_Exception_403 To identify permission or authentication failure
|
* @throws AACL_Exception_403 To identify permission or authentication failure
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public static function check(ACL_Resource $resource, $action = NULL)
|
public static function check(AACL_Resource $resource, $action = NULL)
|
||||||
{
|
{
|
||||||
$user = ACL::get_loggedin_user();
|
$user = AACL::get_loggedin_user();
|
||||||
|
|
||||||
// User is logged in, check rules
|
// User is logged in, check rules
|
||||||
$rules = ACL::_get_rules($user);
|
$rules = AACL::_get_rules($user);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Model_ACL_Rule $rule
|
* @var Model_AACL_Rule $rule
|
||||||
*/
|
*/
|
||||||
foreach ($rules as $rule)
|
foreach ($rules as $rule)
|
||||||
{
|
{
|
||||||
|
@ -186,30 +186,30 @@ class ACL {
|
||||||
// No access rule matched
|
// No access rule matched
|
||||||
if ($user)
|
if ($user)
|
||||||
{
|
{
|
||||||
throw new ACL_Exception_403;
|
throw new AACL_Exception_403;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
throw new ACL_Exception_401;
|
throw new AACL_Exception_401;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Almost the same as check() but doesn't throw exceptions and answer is boolean
|
* Almost the same as check() but doesn't throw exceptions and answer is boolean
|
||||||
*
|
*
|
||||||
* @param ACL_Resource $resource ACL_Resource object being requested
|
* @param AACL_Resource $resource AACL_Resource object being requested
|
||||||
* @param string $action action identifier [optional]
|
* @param string $action action identifier [optional]
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
public static function check_if(ACL_Resource $resource, $action = NULL)
|
public static function check_if(AACL_Resource $resource, $action = NULL)
|
||||||
{
|
{
|
||||||
$user = ACL::get_loggedin_user();
|
$user = AACL::get_loggedin_user();
|
||||||
|
|
||||||
// User is logged in, check rules
|
// User is logged in, check rules
|
||||||
$rules = ACL::_get_rules($user);
|
$rules = AACL::_get_rules($user);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var Model_ACL_Rule $rule
|
* @var Model_AACL_Rule $rule
|
||||||
*/
|
*/
|
||||||
foreach ($rules as $rule)
|
foreach ($rules as $rule)
|
||||||
{
|
{
|
||||||
|
@ -223,7 +223,7 @@ class ACL {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create an ACL rule
|
* Create an AACL rule
|
||||||
*
|
*
|
||||||
* @param array $fields optional fields' values
|
* @param array $fields optional fields' values
|
||||||
*
|
*
|
||||||
|
@ -231,7 +231,7 @@ class ACL {
|
||||||
*/
|
*/
|
||||||
public static function create_rule(array $fields = array())
|
public static function create_rule(array $fields = array())
|
||||||
{
|
{
|
||||||
ORM::factory('ACL_Rule')->values($fields)->create();
|
ORM::factory('AACL_Rule')->values($fields)->create();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -245,29 +245,29 @@ class ACL {
|
||||||
*/
|
*/
|
||||||
public static function _get_rules($user = FALSE, $force_load = FALSE)
|
public static function _get_rules($user = FALSE, $force_load = FALSE)
|
||||||
{
|
{
|
||||||
if ( ! isset(ACL::$_rules) || $force_load)
|
if ( ! isset(AACL::$_rules) || $force_load)
|
||||||
{
|
{
|
||||||
$select_query = ORM::factory('ACL_Rule')
|
$select_query = ORM::factory('AACL_Rule')
|
||||||
// User is guest
|
// User is guest
|
||||||
->where('role_id', '=', NULL);
|
->where('role_id', '=', NULL);
|
||||||
|
|
||||||
// Get rules for user
|
// Get rules for user
|
||||||
if ($user instanceof Model_User and $user->loaded())
|
if ($user instanceof Model_User and $user->loaded())
|
||||||
{
|
{
|
||||||
ACL::$_rules = $select_query->or_where('role_id', 'IN', $user->roles->find_all()->as_array());
|
AACL::$_rules = $select_query->or_where('role_id', 'IN', $user->roles->find_all()->as_array());
|
||||||
}
|
}
|
||||||
// Get rules for role
|
// Get rules for role
|
||||||
elseif ($user instanceof Model_Role and $user->loaded())
|
elseif ($user instanceof Model_Role and $user->loaded())
|
||||||
{
|
{
|
||||||
ACL::$_rules = $select_query->or_where('role_id', '=', $user->id);
|
AACL::$_rules = $select_query->or_where('role_id', '=', $user->id);
|
||||||
}
|
}
|
||||||
|
|
||||||
ACL::$_rules = $select_query
|
AACL::$_rules = $select_query
|
||||||
->order_by('LENGTH("resource")', 'ASC')
|
->order_by('LENGTH("resource")', 'ASC')
|
||||||
->find_all()->as_array();
|
->find_all()->as_array();
|
||||||
}
|
}
|
||||||
|
|
||||||
return ACL::$_rules;
|
return AACL::$_rules;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -280,17 +280,17 @@ class ACL {
|
||||||
*/
|
*/
|
||||||
public static function list_resources($resource_id = FALSE)
|
public static function list_resources($resource_id = FALSE)
|
||||||
{
|
{
|
||||||
if ( ! isset(ACL::$_resources))
|
if ( ! isset(AACL::$_resources))
|
||||||
{
|
{
|
||||||
// Find all classes in the application and modules
|
// Find all classes in the application and modules
|
||||||
$classes = ACL::_list_classes();
|
$classes = AACL::_list_classes();
|
||||||
|
|
||||||
// Loop through classes and see if they implement ACL_Resource
|
// Loop through classes and see if they implement AACL_Resource
|
||||||
foreach ($classes as $class_name)
|
foreach ($classes as $class_name)
|
||||||
{
|
{
|
||||||
$class = new ReflectionClass($class_name);
|
$class = new ReflectionClass($class_name);
|
||||||
|
|
||||||
if ($class->implementsInterface('ACL_Resource'))
|
if ($class->implementsInterface('AACL_Resource'))
|
||||||
{
|
{
|
||||||
// Ignore interfaces and abstract classes
|
// Ignore interfaces and abstract classes
|
||||||
if ($class->isInterface() || $class->isAbstract())
|
if ($class->isInterface() || $class->isAbstract())
|
||||||
|
@ -302,7 +302,7 @@ class ACL {
|
||||||
$resource = $class->getMethod('acl_instance')->invoke($class_name, $class_name);
|
$resource = $class->getMethod('acl_instance')->invoke($class_name, $class_name);
|
||||||
|
|
||||||
// Get resource info
|
// Get resource info
|
||||||
ACL::$_resources[$resource->acl_id()] = array(
|
AACL::$_resources[$resource->acl_id()] = array(
|
||||||
'actions' => $resource->acl_actions(),
|
'actions' => $resource->acl_actions(),
|
||||||
'conditions' => $resource->acl_conditions(),
|
'conditions' => $resource->acl_conditions(),
|
||||||
);
|
);
|
||||||
|
@ -314,14 +314,14 @@ class ACL {
|
||||||
|
|
||||||
if ($resource_id === TRUE)
|
if ($resource_id === TRUE)
|
||||||
{
|
{
|
||||||
return array_keys(ACL::$_resources);
|
return array_keys(AACL::$_resources);
|
||||||
}
|
}
|
||||||
elseif ($resource_id)
|
elseif ($resource_id)
|
||||||
{
|
{
|
||||||
return isset(ACL::$_resources[$resource_id]) ? ACL::$_resources[$resource_id] : NULL;
|
return isset(AACL::$_resources[$resource_id]) ? AACL::$_resources[$resource_id] : NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ACL::$_resources;
|
return AACL::$_resources;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected static function _list_classes($files = NULL)
|
protected static function _list_classes($files = NULL)
|
||||||
|
@ -367,7 +367,7 @@ class ACL {
|
||||||
{
|
{
|
||||||
if (is_array($path))
|
if (is_array($path))
|
||||||
{
|
{
|
||||||
$classes = array_merge($classes, ACL::_list_classes($path));
|
$classes = array_merge($classes, AACL::_list_classes($path));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -414,4 +414,4 @@ class ACL {
|
||||||
*/
|
*/
|
||||||
protected function __clone() {}
|
protected function __clone() {}
|
||||||
|
|
||||||
} // End ACL_Core
|
} // End AACL_Core
|
|
@ -1,14 +1,14 @@
|
||||||
<?php defined('SYSPATH') or die ('No direct script access.');
|
<?php defined('SYSPATH') or die ('No direct script access.');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Base ACL exception
|
* Base AACL exception
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses Sprig
|
* @uses Sprig
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class ACL_Exception extends HTTP_Exception {}
|
class AACL_Exception extends HTTP_Exception {}
|
|
@ -4,18 +4,18 @@
|
||||||
* 401 "User requires authentication" exception
|
* 401 "User requires authentication" exception
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses Sprig
|
* @uses Sprig
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class ACL_Exception_401 extends ACL_Exception {
|
class AACL_Exception_401 extends AACL_Exception {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var integer HTTP 401 Unauthorized
|
* @var integer HTTP 401 Unauthorized
|
||||||
*/
|
*/
|
||||||
protected $_code = 401;
|
protected $_code = 401;
|
||||||
|
|
||||||
}
|
}
|
|
@ -4,18 +4,18 @@
|
||||||
* 403 "Permission denied" exception
|
* 403 "Permission denied" exception
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses Sprig
|
* @uses Sprig
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class ACL_Exception_403 extends ACL_Exception {
|
class AACL_Exception_403 extends AACL_Exception {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var integer HTTP 401 Unauthorized
|
* @var integer HTTP 401 Unauthorized
|
||||||
*/
|
*/
|
||||||
protected $_code = 403;
|
protected $_code = 403;
|
||||||
|
|
||||||
}
|
}
|
|
@ -1,17 +1,17 @@
|
||||||
<?php defined('SYSPATH') or die ('No direct script access.');
|
<?php defined('SYSPATH') or die ('No direct script access.');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL Resource interface
|
* AACL Resource interface
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses Sprig
|
* @uses Sprig
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
interface ACL_Resource {
|
interface AACL_Resource {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets a unique ID string for this resource
|
* Gets a unique ID string for this resource
|
||||||
|
@ -64,4 +64,4 @@ interface ACL_Resource {
|
||||||
*/
|
*/
|
||||||
public static function acl_instance($class_name);
|
public static function acl_instance($class_name);
|
||||||
|
|
||||||
} // End ACL_Resource
|
} // End AACL_Resource
|
|
@ -4,17 +4,17 @@
|
||||||
* Base class for access controlled controllers
|
* Base class for access controlled controllers
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses Sprig
|
* @uses Sprig
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class Controller_ACL extends Controller implements ACL_Resource {
|
class Controller_AACL extends Controller implements AACL_Resource {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_id() implementation
|
* AACL_Resource::acl_id() implementation
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
|
@ -27,7 +27,7 @@ class Controller_ACL extends Controller implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_actions() implementation
|
* AACL_Resource::acl_actions() implementation
|
||||||
*
|
*
|
||||||
* @param bool $return_current [optional]
|
* @param bool $return_current [optional]
|
||||||
* @return mixed
|
* @return mixed
|
||||||
|
@ -57,11 +57,11 @@ class Controller_ACL extends Controller implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_conditions() implementation
|
* AACL_Resource::acl_conditions() implementation
|
||||||
*
|
*
|
||||||
* @param Model_User $user [optional] logged in user model
|
* @param Model_User $user [optional] logged in user model
|
||||||
* @param string $condition [optional] condition to test
|
* @param string $condition [optional] condition to test
|
||||||
* @throws ACL_Exception
|
* @throws AACL_Exception
|
||||||
* @return mixed
|
* @return mixed
|
||||||
*/
|
*/
|
||||||
public function acl_conditions(Model_User $user = NULL, $condition = NULL)
|
public function acl_conditions(Model_User $user = NULL, $condition = NULL)
|
||||||
|
@ -77,7 +77,7 @@ class Controller_ACL extends Controller implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_instance() implementation
|
* AACL_Resource::acl_instance() implementation
|
||||||
*
|
*
|
||||||
* Note that the object instance returned should not be used for anything except querying the acl_* methods
|
* Note that the object instance returned should not be used for anything except querying the acl_* methods
|
||||||
*
|
*
|
||||||
|
@ -102,4 +102,4 @@ class Controller_ACL extends Controller implements ACL_Resource {
|
||||||
return $instance;
|
return $instance;
|
||||||
}
|
}
|
||||||
|
|
||||||
} // End Controller_ACL_Core
|
} // End Controller_AACL_Core
|
|
@ -4,14 +4,14 @@
|
||||||
* Access rule model
|
* Access rule model
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses ORM
|
* @uses ORM
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
class Model_ACL_Rule extends ORM_ACL {
|
class Model_AACL_Rule extends ORM_AACL {
|
||||||
|
|
||||||
protected static $_acl_actions = array(
|
protected static $_acl_actions = array(
|
||||||
'grant',
|
'grant',
|
||||||
|
@ -45,7 +45,7 @@ class Model_ACL_Rule extends ORM_ACL {
|
||||||
// TODO: validation
|
// TODO: validation
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL action
|
* AACL action
|
||||||
* grant access / create rule
|
* grant access / create rule
|
||||||
*
|
*
|
||||||
* @param array $data
|
* @param array $data
|
||||||
|
@ -61,12 +61,12 @@ class Model_ACL_Rule extends ORM_ACL {
|
||||||
|
|
||||||
$this->values($data);
|
$this->values($data);
|
||||||
$this->check();
|
$this->check();
|
||||||
ACL::grant($this->role, $this->resource, $this->action, $this->condition);
|
AACL::grant($this->role, $this->resource, $this->action, $this->condition);
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL action
|
* AACL action
|
||||||
* revoke access / delete rule
|
* revoke access / delete rule
|
||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
|
@ -79,7 +79,7 @@ class Model_ACL_Rule extends ORM_ACL {
|
||||||
throw new Exception('rule doesn\'t exist');
|
throw new Exception('rule doesn\'t exist');
|
||||||
}
|
}
|
||||||
|
|
||||||
ACL::revoke($this->role, $this->resource, $this->action, $this->condition);
|
AACL::revoke($this->role, $this->resource, $this->action, $this->condition);
|
||||||
|
|
||||||
return TRUE;
|
return TRUE;
|
||||||
}
|
}
|
||||||
|
@ -87,12 +87,12 @@ class Model_ACL_Rule extends ORM_ACL {
|
||||||
/**
|
/**
|
||||||
* Check if rule matches current request
|
* Check if rule matches current request
|
||||||
*
|
*
|
||||||
* @param ACL_Resource $resource ACL_Resource object or it's id that user requested access to
|
* @param AACL_Resource $resource AACL_Resource object or it's id that user requested access to
|
||||||
* @param string $action action requested [optional]
|
* @param string $action action requested [optional]
|
||||||
* @param Model_User $user ACL instance
|
* @param Model_User $user AACL instance
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function allows_access_to(ACL_Resource $resource, $action = NULL, Model_User $user = NULL)
|
public function allows_access_to(AACL_Resource $resource, $action = NULL, Model_User $user = NULL)
|
||||||
{
|
{
|
||||||
if (empty($this->resource))
|
if (empty($this->resource))
|
||||||
{
|
{
|
||||||
|
@ -206,4 +206,4 @@ class Model_ACL_Rule extends ORM_ACL {
|
||||||
return parent::create($validation);
|
return parent::create($validation);
|
||||||
}
|
}
|
||||||
|
|
||||||
} // End Model_ACL_Core_Rule
|
} // End Model_AACL_Core_Rule
|
|
@ -4,14 +4,14 @@
|
||||||
* Base class for access controlled ORM Models
|
* Base class for access controlled ORM Models
|
||||||
*
|
*
|
||||||
* @see http://github.com/banks/aacl
|
* @see http://github.com/banks/aacl
|
||||||
* @package ACL
|
* @package AACL
|
||||||
* @uses Auth
|
* @uses Auth
|
||||||
* @uses ORM
|
* @uses ORM
|
||||||
* @author Paul Banks
|
* @author Paul Banks
|
||||||
* @copyright (c) Paul Banks 2010
|
* @copyright (c) Paul Banks 2010
|
||||||
* @license MIT
|
* @license MIT
|
||||||
*/
|
*/
|
||||||
abstract class ORM_ACL extends ORM implements ACL_Resource {
|
abstract class ORM_AACL extends ORM implements AACL_Resource {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var array
|
* @var array
|
||||||
|
@ -30,7 +30,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
|
||||||
protected $_acl_id = '';
|
protected $_acl_id = '';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_id() implementation
|
* AACL_Resource::acl_id() implementation
|
||||||
*
|
*
|
||||||
* Note: keeps a cache of the acl_id and returns it if the model hasn't changed
|
* Note: keeps a cache of the acl_id and returns it if the model hasn't changed
|
||||||
*
|
*
|
||||||
|
@ -57,7 +57,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_actions() implementation
|
* AACL_Resource::acl_actions() implementation
|
||||||
*
|
*
|
||||||
* @param bool $return_current [optional]
|
* @param bool $return_current [optional]
|
||||||
* @return mixed
|
* @return mixed
|
||||||
|
@ -75,7 +75,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_conditions() implementation
|
* AACL_Resource::acl_conditions() implementation
|
||||||
*
|
*
|
||||||
* @param Model_User $user [optional] logged in user model
|
* @param Model_User $user [optional] logged in user model
|
||||||
* @param string $condition [optional] condition to test
|
* @param string $condition [optional] condition to test
|
||||||
|
@ -94,7 +94,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ACL_Resource::acl_instance() implementation
|
* AACL_Resource::acl_instance() implementation
|
||||||
*
|
*
|
||||||
* Note that the object instance returned should not be used for anything except querying the acl_* methods
|
* Note that the object instance returned should not be used for anything except querying the acl_* methods
|
||||||
*
|
*
|
||||||
|
@ -108,4 +108,4 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
|
||||||
return ORM::factory($model_name);
|
return ORM::factory($model_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
} // End ORM_ACL
|
} // End ORM_AACL
|
Loading…
Reference in a new issue