CakePHPのACL(Access Control List)の解説を砕いてみる~ACO の作成~
CakePHPのACL(Access Control List)の解説を砕いてみる~リクエスタとして振舞う~の続き。
ここでやるべきこと。
- ACOを作成する
- AuthComponent に根ノードの存在を教える
ACOの作成は2パターン存在。
- ACL シェルを用いる方法
- AclComponentを使用する
シェルを使用して ACO を作成する
php ~/www/1.2.x.x/cake/console/cake.php acl create aco root controllers
コントローラを使用して ACO を作成する
app_controller.phpを修正してみる
<?php /* SVN FILE: $Id: app_controller.php 7296 2008-06-27 09:09:03Z gwoo $ */ /** * Short description for file. * * This file is application-wide controller file. You can put all * application-wide controller-related methods here. * * PHP versions 4 and 5 * * CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/> * Copyright 2005-2008, Cake Software Foundation, Inc. * 1785 E. Sahara Avenue, Suite 490-204 * Las Vegas, Nevada 89104 * * Licensed under The MIT License * Redistributions of files must retain the above copyright notice. * * @filesource * @copyright Copyright 2005-2008, Cake Software Foundation, Inc. * @link http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project * @package cake * @subpackage cake.cake.libs.controller * @since CakePHP(tm) v 0.2.9 * @version $Revision: 7296 $ * @modifiedby $LastChangedBy: gwoo $ * @lastmodified $Date: 2008-06-27 02:09:03 -0700 (Fri, 27 Jun 2008) $ * @license http://www.opensource.org/licenses/mit-license.php The MIT License */ /** * This is a placeholder class. * Create the same file in app/app_controller.php * * Add your application-wide methods in the class below, your controllers * will inherit them. * * @package cake * @subpackage cake.cake.libs.controller */ class AppController extends Controller { var $components = array('Auth', 'Acl'); function beforeFilter() { //-----add--start--mitsugi-bb------- $this->Acl->Aco->create(array('parent_id' => null, 'alias' => 'controllers')); $this->Acl->Aco->save(); //-----add--end--mitsugi-bb------- // AuthComponent のコンフィギュレーション $this->Auth->authorize = 'actions'; $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login'); $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add'); } } ?>
上記のように追加すると ACO を作成されるのですが、アクセスする度にINSERTしてしまう為恐ろしいです。
INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',1,2) INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',3,4) INSERT INTO `acos` (`parent_id`,`alias`,`lft`,`rght`) VALUES (NULL,'controllers',5,6)
ACO の作成を自動化するには次のページを確認下さい。
作成したACOは以下のコマンドで確認できます。
$> php ~/www/1.2.x.x/cake/console/cake.php acl view aco Aco tree: --------------------------------------------------------------- [1]controllers --------------------------------------------------------------- $>
AuthComponent に根ノードの存在を教える
app_controller.phpを修正。
<?php /* SVN FILE: $Id: app_controller.php 7296 2008-06-27 09:09:03Z gwoo $ */ /** * Short description for file. * * This file is application-wide controller file. You can put all * application-wide controller-related methods here. * * PHP versions 4 and 5 * * CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/> * Copyright 2005-2008, Cake Software Foundation, Inc. * 1785 E. Sahara Avenue, Suite 490-204 * Las Vegas, Nevada 89104 * * Licensed under The MIT License * Redistributions of files must retain the above copyright notice. * * @filesource * @copyright Copyright 2005-2008, Cake Software Foundation, Inc. * @link http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project * @package cake * @subpackage cake.cake.libs.controller * @since CakePHP(tm) v 0.2.9 * @version $Revision: 7296 $ * @modifiedby $LastChangedBy: gwoo $ * @lastmodified $Date: 2008-06-27 02:09:03 -0700 (Fri, 27 Jun 2008) $ * @license http://www.opensource.org/licenses/mit-license.php The MIT License */ /** * This is a placeholder class. * Create the same file in app/app_controller.php * * Add your application-wide methods in the class below, your controllers * will inherit them. * * @package cake * @subpackage cake.cake.libs.controller */ class AppController extends Controller { var $components = array('Auth', 'Acl'); function beforeFilter() { //-----add--start--mitsugi-bb------- $this->Auth->actionPath = 'controllers/'; //-----add--end--mitsugi-bb------- // AuthComponent のコンフィギュレーション $this->Auth->authorize = 'actions'; $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login'); $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add'); } } ?>
cake/libs/controller/components/auth.phpに、actionPath があります。
これを変更して具体的に何が変わるのかわかっていません・・・
次のページでは、自動ACOの登録を自動で行うコントローラを紹介しています。
次のページはまた今度(ぁ