oreolek/kohana-aacl
1
0
Fork 0
mirror of https://github.com/Oreolek/aacl.git synced 2024-04-26 22:19:33 +03:00
Code Issues Releases Wiki Activity

Reverted renaming

Browse source
This commit is contained in:
Alexander Yakovlev 2013-07-10 12:33:44 +07:00
parent 6ab2e7479d
commit 3b6436a70c
10 changed files with 86 additions and 86 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
acl.sql → aacl.sql
View file

@ -1,4 +1,4 @@
CREATE TABLE IF NOT EXISTS `acl` ( CREATE TABLE IF NOT EXISTS `aacl` (
`id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT, `id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`role_id` INT(10) UNSIGNED DEFAULT NULL, `role_id` INT(10) UNSIGNED DEFAULT NULL,
`resource` VARCHAR(255) DEFAULT NULL, `resource` VARCHAR(255) DEFAULT NULL,
@ -6,4 +6,4 @@ CREATE TABLE IF NOT EXISTS `acl` (
`condition` VARCHAR(255) DEFAULT NULL, `condition` VARCHAR(255) DEFAULT NULL,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `role_id` (`role_id`) KEY `role_id` (`role_id`)
) ENGINE=INNODB; ) ENGINE=INNODB;

92
classes/acl.php → classes/aacl.php
View file

@ -1,22 +1,22 @@
<?php defined('SYSPATH') or die ('No direct script access.'); <?php defined('SYSPATH') or die ('No direct script access.');
/** /**
* Another ACL * Another AACL
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses ORM * @uses ORM
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class ACL { class AACL {
/** /**
* All rules that apply to the currently logged in user * All rules that apply to the currently logged in user
* *
* @var array contains Model_ACL_Rule objects * @var array contains Model_AACL_Rule objects
*/ */
protected static $_rules; protected static $_rules;
@ -44,7 +44,7 @@ class ACL {
* @param string $resource resource identifier [optional] * @param string $resource resource identifier [optional]
* @param string $action action [optional] * @param string $action action [optional]
* @param string $condition condition [optional] * @param string $condition condition [optional]
* @throws ACL_Exception * @throws AACL_Exception
* @return void * @return void
*/ */
public static function grant($role = NULL, $resource = NULL, $action = NULL, $condition = NULL) public static function grant($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
@ -53,19 +53,19 @@ class ACL {
if ( ! is_null($role)) if ( ! is_null($role))
{ {
// Normalize $role // Normalize $role
$role = ACL::normalize_role($role); $role = AACL::normalize_role($role);
// Check role exists // Check role exists
if ( ! $role->loaded()) if ( ! $role->loaded())
{ {
throw new ACL_Exception('Unknown role :role passed to ACL::grant()', throw new AACL_Exception('Unknown role :role passed to AACL::grant()',
array(':role' => $role->name)); array(':role' => $role->name));
} }
} }
// Create rule // Create rule
ACL::create_rule( AACL::create_rule(
array( array(
'role_id' => $role, 'role_id' => $role,
'resource' => $resource, 'resource' => $resource,
@ -87,7 +87,7 @@ class ACL {
*/ */
public static function revoke($role = NULL, $resource = NULL, $action = NULL, $condition = NULL) public static function revoke($role = NULL, $resource = NULL, $action = NULL, $condition = NULL)
{ {
$model = ORM::factory('ACL_Rule'); $model = ORM::factory('AACL_Rule');
if (is_null($role)) if (is_null($role))
{ {
@ -96,7 +96,7 @@ class ACL {
else else
{ {
// Normalize $role // Normalize $role
$role = ACL::normalize_role($role); $role = AACL::normalize_role($role);
// Check role exists // Check role exists
if ( ! $role->loaded()) if ( ! $role->loaded())
@ -136,17 +136,17 @@ class ACL {
* Method, that allows to check any rule from database in any place of project. * Method, that allows to check any rule from database in any place of project.
* Works with string presentations of resources, actions, roles and conditions * Works with string presentations of resources, actions, roles and conditions
* *
* @param ACL_Resource $resource * @param AACL_Resource $resource
* @param string $action * @param string $action
* @return bool * @return bool
*/ */
public static function access(ACL_Resource $resource, $action = NULL) public static function access(AACL_Resource $resource, $action = NULL)
{ {
try try
{ {
ACL::check($resource, $action); AACL::check($resource, $action);
} }
catch (ACL_Exception $e) catch (AACL_Exception $e)
{ {
return FALSE; return FALSE;
} }
@ -158,21 +158,21 @@ class ACL {
* Checks user has permission to access resource * Checks user has permission to access resource
* works with unauthenticated users (role_id = NULL) * works with unauthenticated users (role_id = NULL)
* *
* @param ACL_Resource $resource ACL_Resource object being requested * @param AACL_Resource $resource AACL_Resource object being requested
* @param string $action action identifier [optional] * @param string $action action identifier [optional]
* @throws ACL_Exception_401 To identify permission or authentication failure * @throws AACL_Exception_401 To identify permission or authentication failure
* @throws ACL_Exception_403 To identify permission or authentication failure * @throws AACL_Exception_403 To identify permission or authentication failure
* @return void * @return void
*/ */
public static function check(ACL_Resource $resource, $action = NULL) public static function check(AACL_Resource $resource, $action = NULL)
{ {
$user = ACL::get_loggedin_user(); $user = AACL::get_loggedin_user();
// User is logged in, check rules // User is logged in, check rules
$rules = ACL::_get_rules($user); $rules = AACL::_get_rules($user);
/** /**
* @var Model_ACL_Rule $rule * @var Model_AACL_Rule $rule
*/ */
foreach ($rules as $rule) foreach ($rules as $rule)
{ {
@ -186,30 +186,30 @@ class ACL {
// No access rule matched // No access rule matched
if ($user) if ($user)
{ {
throw new ACL_Exception_403; throw new AACL_Exception_403;
} }
else else
{ {
throw new ACL_Exception_401; throw new AACL_Exception_401;
} }
} }
/** /**
* Almost the same as check() but doesn't throw exceptions and answer is boolean * Almost the same as check() but doesn't throw exceptions and answer is boolean
* *
* @param ACL_Resource $resource ACL_Resource object being requested * @param AACL_Resource $resource AACL_Resource object being requested
* @param string $action action identifier [optional] * @param string $action action identifier [optional]
* @return boolean * @return boolean
*/ */
public static function check_if(ACL_Resource $resource, $action = NULL) public static function check_if(AACL_Resource $resource, $action = NULL)
{ {
$user = ACL::get_loggedin_user(); $user = AACL::get_loggedin_user();
// User is logged in, check rules // User is logged in, check rules
$rules = ACL::_get_rules($user); $rules = AACL::_get_rules($user);
/** /**
* @var Model_ACL_Rule $rule * @var Model_AACL_Rule $rule
*/ */
foreach ($rules as $rule) foreach ($rules as $rule)
{ {
@ -223,7 +223,7 @@ class ACL {
} }
/** /**
* Create an ACL rule * Create an AACL rule
* *
* @param array $fields optional fields' values * @param array $fields optional fields' values
* *
@ -231,7 +231,7 @@ class ACL {
*/ */
public static function create_rule(array $fields = array()) public static function create_rule(array $fields = array())
{ {
ORM::factory('ACL_Rule')->values($fields)->create(); ORM::factory('AACL_Rule')->values($fields)->create();
} }
/** /**
@ -245,29 +245,29 @@ class ACL {
*/ */
public static function _get_rules($user = FALSE, $force_load = FALSE) public static function _get_rules($user = FALSE, $force_load = FALSE)
{ {
if ( ! isset(ACL::$_rules) || $force_load) if ( ! isset(AACL::$_rules) || $force_load)
{ {
$select_query = ORM::factory('ACL_Rule') $select_query = ORM::factory('AACL_Rule')
// User is guest // User is guest
->where('role_id', '=', NULL); ->where('role_id', '=', NULL);
// Get rules for user // Get rules for user
if ($user instanceof Model_User and $user->loaded()) if ($user instanceof Model_User and $user->loaded())
{ {
ACL::$_rules = $select_query->or_where('role_id', 'IN', $user->roles->find_all()->as_array()); AACL::$_rules = $select_query->or_where('role_id', 'IN', $user->roles->find_all()->as_array());
} }
// Get rules for role // Get rules for role
elseif ($user instanceof Model_Role and $user->loaded()) elseif ($user instanceof Model_Role and $user->loaded())
{ {
ACL::$_rules = $select_query->or_where('role_id', '=', $user->id); AACL::$_rules = $select_query->or_where('role_id', '=', $user->id);
} }
ACL::$_rules = $select_query AACL::$_rules = $select_query
->order_by('LENGTH("resource")', 'ASC') ->order_by('LENGTH("resource")', 'ASC')
->find_all()->as_array(); ->find_all()->as_array();
} }
return ACL::$_rules; return AACL::$_rules;
} }
/** /**
@ -280,17 +280,17 @@ class ACL {
*/ */
public static function list_resources($resource_id = FALSE) public static function list_resources($resource_id = FALSE)
{ {
if ( ! isset(ACL::$_resources)) if ( ! isset(AACL::$_resources))
{ {
// Find all classes in the application and modules // Find all classes in the application and modules
$classes = ACL::_list_classes(); $classes = AACL::_list_classes();
// Loop through classes and see if they implement ACL_Resource // Loop through classes and see if they implement AACL_Resource
foreach ($classes as $class_name) foreach ($classes as $class_name)
{ {
$class = new ReflectionClass($class_name); $class = new ReflectionClass($class_name);
if ($class->implementsInterface('ACL_Resource')) if ($class->implementsInterface('AACL_Resource'))
{ {
// Ignore interfaces and abstract classes // Ignore interfaces and abstract classes
if ($class->isInterface() || $class->isAbstract()) if ($class->isInterface() || $class->isAbstract())
@ -302,7 +302,7 @@ class ACL {
$resource = $class->getMethod('acl_instance')->invoke($class_name, $class_name); $resource = $class->getMethod('acl_instance')->invoke($class_name, $class_name);
// Get resource info // Get resource info
ACL::$_resources[$resource->acl_id()] = array( AACL::$_resources[$resource->acl_id()] = array(
'actions' => $resource->acl_actions(), 'actions' => $resource->acl_actions(),
'conditions' => $resource->acl_conditions(), 'conditions' => $resource->acl_conditions(),
); );
@ -314,14 +314,14 @@ class ACL {
if ($resource_id === TRUE) if ($resource_id === TRUE)
{ {
return array_keys(ACL::$_resources); return array_keys(AACL::$_resources);
} }
elseif ($resource_id) elseif ($resource_id)
{ {
return isset(ACL::$_resources[$resource_id]) ? ACL::$_resources[$resource_id] : NULL; return isset(AACL::$_resources[$resource_id]) ? AACL::$_resources[$resource_id] : NULL;
} }
return ACL::$_resources; return AACL::$_resources;
} }
protected static function _list_classes($files = NULL) protected static function _list_classes($files = NULL)
@ -367,7 +367,7 @@ class ACL {
{ {
if (is_array($path)) if (is_array($path))
{ {
$classes = array_merge($classes, ACL::_list_classes($path)); $classes = array_merge($classes, AACL::_list_classes($path));
} }
else else
{ {
@ -414,4 +414,4 @@ class ACL {
*/ */
protected function __clone() {} protected function __clone() {}
} // End ACL_Core } // End AACL_Core

6
classes/acl/exception.php → classes/aacl/exception.php
View file

@ -1,14 +1,14 @@
<?php defined('SYSPATH') or die ('No direct script access.'); <?php defined('SYSPATH') or die ('No direct script access.');
/** /**
* Base ACL exception * Base AACL exception
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses Sprig * @uses Sprig
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class ACL_Exception extends HTTP_Exception {} class AACL_Exception extends HTTP_Exception {}

6
classes/acl/exception/401.php → classes/aacl/exception/401.php
View file

@ -4,18 +4,18 @@
* 401 "User requires authentication" exception * 401 "User requires authentication" exception
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses Sprig * @uses Sprig
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class ACL_Exception_401 extends ACL_Exception { class AACL_Exception_401 extends AACL_Exception {
/** /**
* @var integer HTTP 401 Unauthorized * @var integer HTTP 401 Unauthorized
*/ */
protected $_code = 401; protected $_code = 401;
} }

6
classes/acl/exception/403.php → classes/aacl/exception/403.php
View file

@ -4,18 +4,18 @@
* 403 "Permission denied" exception * 403 "Permission denied" exception
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses Sprig * @uses Sprig
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class ACL_Exception_403 extends ACL_Exception { class AACL_Exception_403 extends AACL_Exception {
/** /**
* @var integer HTTP 401 Unauthorized * @var integer HTTP 401 Unauthorized
*/ */
protected $_code = 403; protected $_code = 403;
} }

8
classes/acl/resource.php → classes/aacl/resource.php
View file

@ -1,17 +1,17 @@
<?php defined('SYSPATH') or die ('No direct script access.'); <?php defined('SYSPATH') or die ('No direct script access.');
/** /**
* ACL Resource interface * AACL Resource interface
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses Sprig * @uses Sprig
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
interface ACL_Resource { interface AACL_Resource {
/** /**
* Gets a unique ID string for this resource * Gets a unique ID string for this resource
@ -64,4 +64,4 @@ interface ACL_Resource {
*/ */
public static function acl_instance($class_name); public static function acl_instance($class_name);
} // End ACL_Resource } // End AACL_Resource

16
classes/controller/acl.php → classes/controller/aacl.php
View file

@ -4,17 +4,17 @@
* Base class for access controlled controllers * Base class for access controlled controllers
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses Sprig * @uses Sprig
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class Controller_ACL extends Controller implements ACL_Resource { class Controller_AACL extends Controller implements AACL_Resource {
/** /**
* ACL_Resource::acl_id() implementation * AACL_Resource::acl_id() implementation
* *
* @return string * @return string
*/ */
@ -27,7 +27,7 @@ class Controller_ACL extends Controller implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_actions() implementation * AACL_Resource::acl_actions() implementation
* *
* @param bool $return_current [optional] * @param bool $return_current [optional]
* @return mixed * @return mixed
@ -57,11 +57,11 @@ class Controller_ACL extends Controller implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_conditions() implementation * AACL_Resource::acl_conditions() implementation
* *
* @param Model_User $user [optional] logged in user model * @param Model_User $user [optional] logged in user model
* @param string $condition [optional] condition to test * @param string $condition [optional] condition to test
* @throws ACL_Exception * @throws AACL_Exception
* @return mixed * @return mixed
*/ */
public function acl_conditions(Model_User $user = NULL, $condition = NULL) public function acl_conditions(Model_User $user = NULL, $condition = NULL)
@ -77,7 +77,7 @@ class Controller_ACL extends Controller implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_instance() implementation * AACL_Resource::acl_instance() implementation
* *
* Note that the object instance returned should not be used for anything except querying the acl_* methods * Note that the object instance returned should not be used for anything except querying the acl_* methods
* *
@ -102,4 +102,4 @@ class Controller_ACL extends Controller implements ACL_Resource {
return $instance; return $instance;
} }
} // End Controller_ACL_Core } // End Controller_AACL_Core

20
classes/model/acl/rule.php → classes/model/aacl/rule.php
View file

@ -4,14 +4,14 @@
* Access rule model * Access rule model
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses ORM * @uses ORM
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
class Model_ACL_Rule extends ORM_ACL { class Model_AACL_Rule extends ORM_AACL {
protected static $_acl_actions = array( protected static $_acl_actions = array(
'grant', 'grant',
@ -45,7 +45,7 @@ class Model_ACL_Rule extends ORM_ACL {
// TODO: validation // TODO: validation
/** /**
* ACL action * AACL action
* grant access / create rule * grant access / create rule
* *
* @param array $data * @param array $data
@ -61,12 +61,12 @@ class Model_ACL_Rule extends ORM_ACL {
$this->values($data); $this->values($data);
$this->check(); $this->check();
ACL::grant($this->role, $this->resource, $this->action, $this->condition); AACL::grant($this->role, $this->resource, $this->action, $this->condition);
return $this; return $this;
} }
/** /**
* ACL action * AACL action
* revoke access / delete rule * revoke access / delete rule
* *
* @return bool * @return bool
@ -79,7 +79,7 @@ class Model_ACL_Rule extends ORM_ACL {
throw new Exception('rule doesn\'t exist'); throw new Exception('rule doesn\'t exist');
} }
ACL::revoke($this->role, $this->resource, $this->action, $this->condition); AACL::revoke($this->role, $this->resource, $this->action, $this->condition);
return TRUE; return TRUE;
} }
@ -87,12 +87,12 @@ class Model_ACL_Rule extends ORM_ACL {
/** /**
* Check if rule matches current request * Check if rule matches current request
* *
* @param ACL_Resource $resource ACL_Resource object or it's id that user requested access to * @param AACL_Resource $resource AACL_Resource object or it's id that user requested access to
* @param string $action action requested [optional] * @param string $action action requested [optional]
* @param Model_User $user ACL instance * @param Model_User $user AACL instance
* @return bool * @return bool
*/ */
public function allows_access_to(ACL_Resource $resource, $action = NULL, Model_User $user = NULL) public function allows_access_to(AACL_Resource $resource, $action = NULL, Model_User $user = NULL)
{ {
if (empty($this->resource)) if (empty($this->resource))
{ {
@ -206,4 +206,4 @@ class Model_ACL_Rule extends ORM_ACL {
return parent::create($validation); return parent::create($validation);
} }
} // End Model_ACL_Core_Rule } // End Model_AACL_Core_Rule

14
classes/orm/acl.php → classes/orm/aacl.php
View file

@ -4,14 +4,14 @@
* Base class for access controlled ORM Models * Base class for access controlled ORM Models
* *
* @see http://github.com/banks/aacl * @see http://github.com/banks/aacl
* @package ACL * @package AACL
* @uses Auth * @uses Auth
* @uses ORM * @uses ORM
* @author Paul Banks * @author Paul Banks
* @copyright (c) Paul Banks 2010 * @copyright (c) Paul Banks 2010
* @license MIT * @license MIT
*/ */
abstract class ORM_ACL extends ORM implements ACL_Resource { abstract class ORM_AACL extends ORM implements AACL_Resource {
/** /**
* @var array * @var array
@ -30,7 +30,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
protected $_acl_id = ''; protected $_acl_id = '';
/** /**
* ACL_Resource::acl_id() implementation * AACL_Resource::acl_id() implementation
* *
* Note: keeps a cache of the acl_id and returns it if the model hasn't changed * Note: keeps a cache of the acl_id and returns it if the model hasn't changed
* *
@ -57,7 +57,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_actions() implementation * AACL_Resource::acl_actions() implementation
* *
* @param bool $return_current [optional] * @param bool $return_current [optional]
* @return mixed * @return mixed
@ -75,7 +75,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_conditions() implementation * AACL_Resource::acl_conditions() implementation
* *
* @param Model_User $user [optional] logged in user model * @param Model_User $user [optional] logged in user model
* @param string $condition [optional] condition to test * @param string $condition [optional] condition to test
@ -94,7 +94,7 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
} }
/** /**
* ACL_Resource::acl_instance() implementation * AACL_Resource::acl_instance() implementation
* *
* Note that the object instance returned should not be used for anything except querying the acl_* methods * Note that the object instance returned should not be used for anything except querying the acl_* methods
* *
@ -108,4 +108,4 @@ abstract class ORM_ACL extends ORM implements ACL_Resource {
return ORM::factory($model_name); return ORM::factory($model_name);
} }
} // End ORM_ACL } // End ORM_AACL

0
classes/sprig/acl.php → classes/sprig/aacl.php
View file