CakePHPのACL(Access Control List)の解説を砕いてみる~ACO の作成~



CakePHPのACL(Access Control List)の解説を砕いてみる~リクエスタとして振舞う~の続き。

ここでやるべきこと。

  1. ACOを作成する
  2. AuthComponent に根ノードの存在を教える


ACOの作成は2パターン存在。

  • ACL シェルを用いる方法
  • AclComponentを使用する

シェルを使用して ACO を作成する

php ~/www/1.2.x.x/cake/console/cake.php acl create aco root controllers

コントローラを使用して ACO を作成する

app_controller.phpを修正してみる

<?php
/* SVN FILE: $Id: app_controller.php 7296 2008-06-27 09:09:03Z gwoo $ */
/**
 * Short description for file.
 *
 * This file is application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * PHP versions 4 and 5
 *
 * CakePHP(tm) :  Rapid Development Framework <http://www.cakephp.org/>
 * Copyright 2005-2008, Cake Software Foundation, Inc.
 *								1785 E. Sahara Avenue, Suite 490-204
 *								Las Vegas, Nevada 89104
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @filesource
 * @copyright		Copyright 2005-2008, Cake Software Foundation, Inc.
 * @link				http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
 * @package			cake
 * @subpackage		cake.cake.libs.controller
 * @since			CakePHP(tm) v 0.2.9
 * @version			$Revision: 7296 $
 * @modifiedby		$LastChangedBy: gwoo $
 * @lastmodified	$Date: 2008-06-27 02:09:03 -0700 (Fri, 27 Jun 2008) $
 * @license			http://www.opensource.org/licenses/mit-license.php The MIT License
 */
/**
 * This is a placeholder class.
 * Create the same file in app/app_controller.php
 *
 * Add your application-wide methods in the class below, your controllers
 * will inherit them.
 *
 * @package		cake
 * @subpackage	cake.cake.libs.controller
 */
class AppController extends Controller {

    var $components = array('Auth', 'Acl');

    function beforeFilter() {

        //-----add--start--mitsugi-bb-------
        $this->Acl->Aco->create(array('parent_id' => null, 'alias' => 'controllers'));
        $this->Acl->Aco->save();
        //-----add--end--mitsugi-bb-------

        // AuthComponent のコンフィギュレーション
        $this->Auth->authorize = 'actions';
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
    }

}
?>

上記のように追加すると ACO を作成されるのですが、アクセスする度にINSERTしてしまう為恐ろしいです。

INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',1,2)
INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',3,4)
INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',5,6)

ACO の作成を自動化するには次のページを確認下さい。

作成したACOは以下のコマンドで確認できます。

$> php ~/www/1.2.x.x/cake/console/cake.php acl view aco
Aco tree:
---------------------------------------------------------------
  [1]controllers

---------------------------------------------------------------

$>

AuthComponent に根ノードの存在を教える

app_controller.phpを修正。

<?php
/* SVN FILE: $Id: app_controller.php 7296 2008-06-27 09:09:03Z gwoo $ */
/**
 * Short description for file.
 *
 * This file is application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * PHP versions 4 and 5
 *
 * CakePHP(tm) :  Rapid Development Framework <http://www.cakephp.org/>
 * Copyright 2005-2008, Cake Software Foundation, Inc.
 *								1785 E. Sahara Avenue, Suite 490-204
 *								Las Vegas, Nevada 89104
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @filesource
 * @copyright		Copyright 2005-2008, Cake Software Foundation, Inc.
 * @link				http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
 * @package			cake
 * @subpackage		cake.cake.libs.controller
 * @since			CakePHP(tm) v 0.2.9
 * @version			$Revision: 7296 $
 * @modifiedby		$LastChangedBy: gwoo $
 * @lastmodified	$Date: 2008-06-27 02:09:03 -0700 (Fri, 27 Jun 2008) $
 * @license			http://www.opensource.org/licenses/mit-license.php The MIT License
 */
/**
 * This is a placeholder class.
 * Create the same file in app/app_controller.php
 *
 * Add your application-wide methods in the class below, your controllers
 * will inherit them.
 *
 * @package		cake
 * @subpackage	cake.cake.libs.controller
 */
class AppController extends Controller {

    var $components = array('Auth', 'Acl');

    function beforeFilter() {

        //-----add--start--mitsugi-bb-------
        $this->Auth->actionPath = 'controllers/';
        //-----add--end--mitsugi-bb-------

        // AuthComponent のコンフィギュレーション
        $this->Auth->authorize = 'actions';
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
    }

}
?>

cake/libs/controller/components/auth.phpに、actionPath があります。
これを変更して具体的に何が変わるのかわかっていません・・・


次のページでは、自動ACOの登録を自動で行うコントローラを紹介しています。


次のページはまた今度(ぁ

次のページ