2005-11-05 04:08:14 +00:00
#!/usr/bin/php -q
< ? php
2005-12-23 21:57:26 +00:00
/* SVN FILE: $Id$ */
/**
* Short description for file .
*
* Long description for file
*
* PHP versions 4 and 5
*
* CakePHP : Rapid Development Framework < http :// www . cakephp . org />
* Copyright ( c ) 2005 , Cake Software Foundation , Inc .
* 1785 E . Sahara Avenue , Suite 490 - 204
* Las Vegas , Nevada 89104
*
* Licensed under The MIT License
* Redistributions of files must retain the above copyright notice .
*
* @ filesource
* @ copyright Copyright ( c ) 2005 , Cake Software Foundation , Inc .
* @ link http :// www . cakefoundation . org / projects / info / cakephp CakePHP Project
* @ package cake
* @ subpackage cake . cake . libs . controller . components . dbacl . models
* @ since CakePHP v 0.10 . 0.1232
* @ version $Revision $
* @ modifiedby $LastChangedBy $
* @ lastmodified $Date $
* @ license http :// www . opensource . org / licenses / mit - license . php The MIT License
*/
2005-11-05 04:08:14 +00:00
ini_set ( 'display_errors' , '1' );
ini_set ( 'error_reporting' , '7' );
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
2005-11-05 04:08:14 +00:00
define ( 'DS' , DIRECTORY_SEPARATOR );
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
2005-11-05 04:08:14 +00:00
define ( 'ROOT' , dirname ( dirname ( dirname ( __FILE__ ))) . DS );
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
2005-11-05 04:08:14 +00:00
define ( 'APP_DIR' , 'app' );
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
define ( 'DEBUG' , 1 );
2005-11-05 04:08:14 +00:00
require_once ( ROOT . 'cake' . DS . 'config' . DS . 'paths.php' );
require_once ( CAKE . 'basics.php' );
require_once ( CONFIGS . 'core.php' );
require_once ( CONFIGS . 'database.php' );
uses ( 'neat_array' );
uses ( 'model' . DS . 'dbo' . DS . 'dbo_factory' );
uses ( 'controller' . DS . 'controller' );
uses ( 'controller' . DS . 'components' . DS . 'acl' );
uses ( 'controller' . DS . 'components' . DS . 'dbacl' . DS . 'models' . DS . 'aclnode' );
uses ( 'controller' . DS . 'components' . DS . 'dbacl' . DS . 'models' . DS . 'aco' );
uses ( 'controller' . DS . 'components' . DS . 'dbacl' . DS . 'models' . DS . 'acoaction' );
uses ( 'controller' . DS . 'components' . DS . 'dbacl' . DS . 'models' . DS . 'aro' );
//Get and format args: first arg is the name of the script.
$wasted = array_shift ( $_SERVER [ 'argv' ]);
$command = array_shift ( $_SERVER [ 'argv' ]);
$args = $_SERVER [ 'argv' ];
$aclCLI = new AclCLI ( $command , $args );
class AclCLI {
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $stdin ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $stdout ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $stderr ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $acl ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $controller ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ var unknown_type
*/
2005-11-05 04:08:14 +00:00
var $args ;
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $command
* @ param unknown_type $args
* @ return AclCLI
*/
function AclCLI ( $command , $args )
2005-11-05 04:08:14 +00:00
{
$this -> __construct ( $command , $args );
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $command
* @ param unknown_type $args
*/
function __construct ( $command , $args )
2005-11-05 04:08:14 +00:00
{
$acl = new AclComponent ();
2005-12-23 21:57:26 +00:00
$this -> acl = $acl -> getACL ();
2005-11-05 04:08:14 +00:00
$this -> args = $args ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$this -> controller =& new Controller ();
$this -> controller -> constructClasses ();
$this -> stdin = fopen ( 'php://stdin' , 'r' );
$this -> stdout = fopen ( 'php://stdout' , 'w' );
$this -> stderr = fopen ( 'php://stderr' , 'w' );
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
//Check to see if DB ACL is enabled
2005-12-23 21:57:26 +00:00
if ( ACL_CLASSNAME != 'DB_ACL' )
2005-11-05 04:08:14 +00:00
{
$out = " -------------------------------------------------- \n " ;
$out .= " Error: Your current Cake configuration is set to \n " ;
$out .= " an ACL implementation other than DB. Please change \n " ;
$out .= " your core config to reflect your decision to use \n " ;
$out .= " DB_ACL before attempting to use this script. \n " ;
$out .= " -------------------------------------------------- \n " ;
$out .= " Current ACL Classname: " . ACL_CLASSNAME . " \n " ;
$out .= " -------------------------------------------------- \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
fwrite ( $this -> stderr , $out );
exit ();
}
2005-12-23 21:57:26 +00:00
switch ( $command )
2005-11-05 04:08:14 +00:00
{
case 'create' :
2005-12-23 21:57:26 +00:00
$this -> create ();
break ;
2005-11-05 04:08:14 +00:00
case 'delete' :
2005-12-23 21:57:26 +00:00
$this -> delete ();
2005-11-05 04:08:14 +00:00
break ;
case 'setParent' :
2005-12-23 21:57:26 +00:00
$this -> setParent ();
2005-11-05 04:08:14 +00:00
break ;
case 'getPath' :
2005-12-23 21:57:26 +00:00
$this -> getPath ();
2005-11-05 04:08:14 +00:00
break ;
case 'grant' :
2005-12-23 21:57:26 +00:00
$this -> grant ();
2005-11-05 04:08:14 +00:00
break ;
case 'deny' :
2005-12-23 21:57:26 +00:00
$this -> deny ();
2005-11-05 04:08:14 +00:00
break ;
case 'inherit' :
2005-12-23 21:57:26 +00:00
$this -> inherit ();
2005-11-05 04:08:14 +00:00
break ;
case 'view' :
$this -> view ();
break ;
2005-12-23 21:57:26 +00:00
case 'initdb' :
$this -> initdb ();
break ;
2005-11-05 04:08:14 +00:00
case 'help' :
$this -> help ();
break ;
default :
fwrite ( $this -> stderr , " Unknown ACL command ' $command '. \n For usage, try 'php acl.php help'. \n \n " );
}
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function create ()
2005-11-05 04:08:14 +00:00
{
$this -> checkArgNumber ( 4 , 'create' );
$this -> checkNodeType ();
extract ( $this -> __dataVars ());
$node = & new $class ;
2005-12-23 21:57:26 +00:00
$parent = intval ( $this -> args [ 2 ]);
if ( ! $node -> create ( intval ( $this -> args [ 1 ]), $parent , $this -> args [ 3 ]))
2005-11-05 04:08:14 +00:00
{
2005-12-23 21:57:26 +00:00
$this -> displayError ( " Parent Node Not Found " , " There was an error creating the Aro, probably couldn't find the parent node. \n If you wish to create a new root node, specify the parent ID as '0'. " );
2005-11-05 04:08:14 +00:00
}
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
fwrite ( $this -> stdout , " New $class ' " . $this -> args [ 3 ] . " ' created. \n \n " );
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function delete ()
2005-11-05 04:08:14 +00:00
{
$this -> checkArgNumber ( 2 , 'delete' );
$this -> checkNodeType ();
extract ( $this -> __dataVars ());
$node = & new $class ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
//What about children?
//$node->del($this->args[1]);
//fwrite($this->stdout, "$class deleted.\n\n");
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function setParent ()
{
2005-11-05 04:08:14 +00:00
$this -> checkArgNumber ( 3 , 'setParent' );
$this -> checkNodeType ();
extract ( $this -> __dataVars ());
$node = & new $class ;
2005-12-23 21:57:26 +00:00
if ( ! $node -> setParent ( intval ( $this -> args [ 2 ]), intval ( $this -> args [ 1 ])))
2005-11-05 04:08:14 +00:00
{
2005-12-23 21:57:26 +00:00
fwrite ( $this -> stdout , " Error in setting new parent. Please make sure the parent node exists, and is not a descendant of the node specified. \n " );
}
else
{
fwrite ( $this -> stdout , " Node parent set to " . $this -> args [ 2 ] . " \n \n " );
2005-11-05 04:08:14 +00:00
}
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function getPath ()
2005-11-05 04:08:14 +00:00
{
$this -> checkArgNumber ( 2 , 'getPath' );
$this -> checkNodeType ();
extract ( $this -> __dataVars ());
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$suppliedNode = $this -> nodeExists ( $this -> args [ 0 ], $this -> args [ 1 ]);
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
if ( ! $suppliedNode )
{
$this -> displayError ( " Supplied Node ' " . $args [ 1 ] . " ' not found. No tree returned. " );
}
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$node = & new $class ;
2005-12-23 21:57:26 +00:00
$nodes = $node -> getPath ( intval ( $this -> args [ 1 ]));
for ( $i = 0 ; $i < count ( $nodes ); $i ++ )
{
fwrite ( $this -> stdout , str_repeat ( ' ' , $i ) . " [ " . $nodes [ $i ][ $class ][ 'id' ] . " ] " . $nodes [ $i ][ $class ][ 'alias' ] . " \n " );
}
2005-11-05 04:08:14 +00:00
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function grant ()
2005-11-05 04:08:14 +00:00
{
$this -> checkArgNumber ( 3 , 'grant' );
//add existence checks for nodes involved
2005-12-23 21:57:26 +00:00
$this -> acl -> allow ( intval ( $this -> args [ 0 ]), intval ( $this -> args [ 1 ]), $this -> args [ 2 ]);
fwrite ( $this -> stdout , " Permission granted. \n " );
2005-11-05 04:08:14 +00:00
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function deny ()
2005-11-05 04:08:14 +00:00
{
$this -> checkArgNumber ( 3 , 'deny' );
//add existence checks for nodes involved
2005-12-23 21:57:26 +00:00
$this -> acl -> deny ( intval ( $this -> args [ 0 ]), intval ( $this -> args [ 1 ]), $this -> args [ 2 ]);
fwrite ( $this -> stdout , " Requested permission successfully denied. \n " );
2005-11-05 04:08:14 +00:00
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
2005-11-05 04:08:14 +00:00
function inherit () {}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
function view ()
2005-11-05 04:08:14 +00:00
{
2005-12-23 21:57:26 +00:00
$this -> checkArgNumber ( 1 , 'view' );
$this -> checkNodeType ();
extract ( $this -> __dataVars ());
$node = & new $class ;
$nodes = $node -> findAll ( null , null , 'lft ASC' );
$right = array ();
fwrite ( $this -> stdout , $class . " tree: \n " );
fwrite ( $this -> stdout , " ------------------------------------------------ \n " );
for ( $i = 0 ; $i < count ( $nodes ); $i ++ )
{
if ( count ( $right ) > 0 )
{
while ( $right [ count ( $right ) - 1 ] < $nodes [ $i ][ $class ][ 'rght' ])
{
if ( $right [ count ( $right ) - 1 ])
{
array_pop ( $right );
}
else
{
break ;
}
}
}
fwrite ( $this -> stdout , str_repeat ( ' ' , count ( $right )) . " [ " . $nodes [ $i ][ $class ][ 'id' ] . " ] " . $nodes [ $i ][ $class ][ 'alias' ] . " \n " );
$right [] = $nodes [ $i ][ $class ][ 'rght' ];
}
fwrite ( $this -> stdout , " ------------------------------------------------ \n " );
}
/**
* Enter description here ...
*
*/
function initdb ()
{
fwrite ( $this -> stdout , " Initializing Database... \n " );
fwrite ( $this -> stdout , " Creating access control objects table (acos)... \n " );
$sql = " CREATE TABLE `acos` (
`id` int ( 11 ) NOT NULL auto_increment ,
`object_id` int ( 11 ) default NULL ,
`alias` varchar ( 255 ) NOT NULL default '' ,
`lft` int ( 11 ) default NULL ,
`rght` int ( 11 ) default NULL ,
PRIMARY KEY ( `id` )
); " ;
$this -> controller -> db -> query ( $sql );
fwrite ( $this -> stdout , " Creating access request objects table (acos)... \n " );
$sql2 = " CREATE TABLE `aros` (
`id` int ( 11 ) NOT NULL auto_increment ,
`user_id` int ( 11 ) default NULL ,
`alias` varchar ( 255 ) NOT NULL default '' ,
`lft` int ( 11 ) default NULL ,
`rght` int ( 11 ) default NULL ,
PRIMARY KEY ( `id` )
); " ;
$this -> controller -> db -> query ( $sql2 );
fwrite ( $this -> stdout , " Creating relationships table (aros_acos)... \n " );
$sql3 = " CREATE TABLE `aros_acos` (
`id` int ( 11 ) NOT NULL auto_increment ,
`aro_id` int ( 11 ) default NULL ,
`aco_id` int ( 11 ) default NULL ,
`_create` int ( 1 ) NOT NULL default '0' ,
`_read` int ( 1 ) NOT NULL default '0' ,
`_update` int ( 1 ) NOT NULL default '0' ,
`_delete` int ( 11 ) NOT NULL default '0' ,
PRIMARY KEY ( `id` )
); " ;
$this -> controller -> db -> query ( $sql3 );
fwrite ( $this -> stdout , " \n Done. \n " );
}
/**
* Enter description here ...
*
*/
function help ()
{
$out = " Usage: php acl.php <command> <arg1> <arg2>... \n " ;
2005-11-05 04:08:14 +00:00
$out .= " ----------------------------------------------- \n " ;
$out .= " Commands: \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t create aro|aco <link_id> <parent_id> <alias> \n " ;
$out .= " \t \t Creates a new ACL object under the parent specified by parent_id (see \n " ;
$out .= " \t \t 'view'). The link_id allows you to link a current user object to Cake's \n " ;
$out .= " \t \t ACL structures. The alias parameter allows you address your object \n " ;
$out .= " \t \t using a non-integer ID. Example: \" \$ php acl.php create aro 0 jda57 John \" \n " ;
$out .= " \t \t would create a new ARO object at the root of the tree, linked to jda57 \n " ;
$out .= " \t \t in your users table, with an internal alias 'John'. " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t delete aro|aco <id> \n " ;
$out .= " \t \t Deletes the ACL object with the specified ID (see 'view'). \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t setParent aro|aco <id> <parent_id> \n " ;
$out .= " \t \t Used to set the parent of the ACL object specified by <id> to the ID \n " ;
$out .= " \t \t specified by <parent_id>. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t getPath aro|aco <id> \n " ;
$out .= " \t \t Returns the path to the ACL object specified by <id>. This command is \n " ;
$out .= " \t \t is useful in determining the inhertiance of permissions for a certain \n " ;
$out .= " \t \t object in the tree. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t grant <aro_id> <aco_id> <aco_action> \n " ;
$out .= " \t \t Use this command to grant ACL permissions. Once executed, the ARO \n " ;
$out .= " \t \t specified (and its children, if any) will have ALLOW access to the \n " ;
$out .= " \t \t specified ACO action (and the ACO's children, if any). \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t deny <aro_id> <aco_id> <aco_action> \n " ;
$out .= " \t \t Use this command to deny ACL permissions. Once executed, the ARO \n " ;
$out .= " \t \t specified (and its children, if any) will have DENY access to the \n " ;
$out .= " \t \t specified ACO action (and the ACO's children, if any). \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t inherit <aro_id> \n " ;
$out .= " \t \t Use this command to force a child ARO object to inherit its \n " ;
$out .= " \t \t permissions settings from its parent. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$out .= " \t view aro|aco [id] \n " ;
$out .= " \t \t The view command will return the ARO or ACO tree. The optional \n " ;
$out .= " \t \t id/alias parameter allows you to return only a portion of the requested \n " ;
$out .= " \t \t tree. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
$out .= " \t initdb \n " ;
$out .= " \t \t Use this command to create the database tables needed to use DB ACL. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-11-05 04:08:14 +00:00
$out .= " \t help \n " ;
$out .= " \t \t Displays this help message. \n " ;
$out .= " \n " ;
$out .= " \n " ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
fwrite ( $this -> stdout , $out );
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $title
* @ param unknown_type $msg
*/
2005-11-05 04:08:14 +00:00
function displayError ( $title , $msg )
{
$out = " \n " ;
$out .= " Error: $title\n " ;
$out .= " $msg\n " ;
$out .= " \n " ;
fwrite ( $this -> stdout , $out );
exit ();
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $expectedNum
* @ param unknown_type $command
*/
2005-11-05 04:08:14 +00:00
function checkArgNumber ( $expectedNum , $command )
{
if ( count ( $this -> args ) != $expectedNum )
{
$this -> displayError ( 'Wrong number of parameters: ' . count ( $this -> args ), 'Please type \'php acl.php help\' for help on usage of the ' . $command . ' command.' );
}
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
*/
2005-11-05 04:08:14 +00:00
function checkNodeType ()
{
if ( $this -> args [ 0 ] != 'aco' && $this -> args [ 0 ] != 'aro' )
{
$this -> displayError ( " Missing/Unknown node type: ' " . $this -> args [ 0 ] . " ' " , 'Please specify which ACL object type you wish to create.' );
}
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $type
* @ param unknown_type $id
* @ return unknown
*/
2005-11-05 04:08:14 +00:00
function nodeExists ( $type , $id )
{
2005-12-23 21:57:26 +00:00
//fwrite($this->stdout, "Check to see if $type with ID = $id exists...\n");
2005-11-05 04:08:14 +00:00
extract ( $this -> __dataVars ( $type ));
$node = & new $class ;
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$possibility = $node -> find ( 'id = ' . $id );
2005-12-23 21:57:26 +00:00
if ( empty ( $possibility [ $class ][ 'id' ]))
2005-11-05 04:08:14 +00:00
{
return false ;
}
2005-12-23 21:57:26 +00:00
else
2005-11-05 04:08:14 +00:00
{
return $possibility ;
}
}
2005-12-23 21:57:26 +00:00
/**
* Enter description here ...
*
* @ param unknown_type $type
* @ return unknown
*/
2005-11-05 04:08:14 +00:00
function __dataVars ( $type = null )
{
if ( $type == null )
{
$type = $this -> args [ 0 ];
}
2005-12-23 21:57:26 +00:00
2005-11-05 04:08:14 +00:00
$vars = array ();
$class = ucwords ( $type );
$vars [ 'secondary_id' ] = ( $class == 'aro' ? 'user_id' : 'object_id' );
$vars [ 'data_name' ] = $type ;
$vars [ 'table_name' ] = $class . 's' ;
$vars [ 'class' ] = $class ;
return $vars ;
}
}
?>