2005-11-05 04:08:14 +00:00
|
|
|
<?php
|
|
|
|
/* SVN FILE: $Id$ */
|
|
|
|
/**
|
2006-01-12 02:10:47 +00:00
|
|
|
* This is core configuration file.
|
|
|
|
*
|
2005-11-05 04:08:14 +00:00
|
|
|
* Use it to configure core behaviour ofCake.
|
|
|
|
*
|
|
|
|
* PHP versions 4 and 5
|
|
|
|
*
|
2007-02-02 10:39:45 +00:00
|
|
|
* CakePHP(tm) : Rapid Development Framework <http://www.cakephp.org/>
|
|
|
|
* Copyright 2005-2007, Cake Software Foundation, Inc.
|
2006-05-26 05:29:17 +00:00
|
|
|
* 1785 E. Sahara Avenue, Suite 490-204
|
|
|
|
* Las Vegas, Nevada 89104
|
2006-01-12 02:10:47 +00:00
|
|
|
*
|
2005-12-23 21:57:26 +00:00
|
|
|
* Licensed under The MIT License
|
|
|
|
* Redistributions of files must retain the above copyright notice.
|
2005-11-05 04:08:14 +00:00
|
|
|
*
|
2006-01-12 02:10:47 +00:00
|
|
|
* @filesource
|
2007-02-02 10:39:45 +00:00
|
|
|
* @copyright Copyright 2005-2007, Cake Software Foundation, Inc.
|
|
|
|
* @link http://www.cakefoundation.org/projects/info/cakephp CakePHP(tm) Project
|
2006-05-26 05:29:17 +00:00
|
|
|
* @package cake
|
2007-05-01 01:49:51 +00:00
|
|
|
* @subpackage cake.cake.libs.model
|
2007-02-02 10:39:45 +00:00
|
|
|
* @since CakePHP(tm) v 0.2.9
|
2006-05-26 05:29:17 +00:00
|
|
|
* @version $Revision$
|
|
|
|
* @modifiedby $LastChangedBy$
|
|
|
|
* @lastmodified $Date$
|
|
|
|
* @license http://www.opensource.org/licenses/mit-license.php The MIT License
|
2005-11-05 04:08:14 +00:00
|
|
|
*/
|
2007-05-01 01:49:51 +00:00
|
|
|
/**
|
|
|
|
* Set database config if not defined.
|
|
|
|
*/
|
|
|
|
/**
|
|
|
|
* Load Model and AppModel
|
|
|
|
*/
|
|
|
|
loadModel();
|
|
|
|
/**
|
|
|
|
* Short description for file.
|
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.libs.model
|
|
|
|
*/
|
|
|
|
class AclNode extends AppModel {
|
|
|
|
/**
|
|
|
|
* Explicitly disable in-memory query caching for ACL models
|
|
|
|
*
|
|
|
|
* @var boolean
|
|
|
|
*/
|
|
|
|
var $cacheQueries = false;
|
|
|
|
/**
|
|
|
|
* ACL models use the Tree behavior
|
|
|
|
*
|
|
|
|
* @var mixed
|
|
|
|
*/
|
|
|
|
var $actsAs = array('Tree' => 'nested');
|
2007-10-14 01:09:21 +00:00
|
|
|
/**
|
|
|
|
* Constructor
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
function __construct() {
|
|
|
|
$config = Configure::read('Acl.database');
|
|
|
|
if(isset($config)) {
|
|
|
|
$this->useDbConfig = $config;
|
|
|
|
}
|
|
|
|
parent::__construct();
|
|
|
|
}
|
2007-05-01 01:49:51 +00:00
|
|
|
/**
|
|
|
|
* Retrieves the Aro/Aco node for this model
|
|
|
|
*
|
|
|
|
* @param mixed $ref
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
function node($ref = null) {
|
|
|
|
$db =& ConnectionManager::getDataSource($this->useDbConfig);
|
|
|
|
$type = $this->name;
|
|
|
|
$prefix = $this->tablePrefix;
|
2007-07-08 03:09:06 +00:00
|
|
|
$result = null;
|
2007-05-01 01:49:51 +00:00
|
|
|
|
|
|
|
if (!empty($this->useTable)) {
|
|
|
|
$table = $this->useTable;
|
|
|
|
} else {
|
|
|
|
$table = Inflector::pluralize(Inflector::underscore($type));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (empty($ref)) {
|
|
|
|
return null;
|
|
|
|
} elseif (is_string($ref)) {
|
|
|
|
$path = explode('/', $ref);
|
2007-08-27 03:16:49 +00:00
|
|
|
$start = $path[0];
|
|
|
|
unset($path[0]);
|
2007-05-01 01:49:51 +00:00
|
|
|
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
$queryData = array('conditions' => array(
|
|
|
|
$db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft"),
|
|
|
|
$db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght")),
|
|
|
|
'fields' => array('id', 'parent_id', 'model', 'foreign_key', 'alias'),
|
|
|
|
'joins' => array(array('table' => $db->name($prefix . $table),
|
|
|
|
'alias' => "{$type}0",
|
|
|
|
'type' => 'LEFT',
|
|
|
|
'conditions' => array("{$type}0.alias" => $start))),
|
|
|
|
'order' => $db->name("{$type}.lft") . ' DESC');
|
2007-05-01 01:49:51 +00:00
|
|
|
foreach ($path as $i => $alias) {
|
|
|
|
$j = $i - 1;
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
|
|
|
|
array_push($queryData['joins'], array(
|
|
|
|
'table' => $db->name($prefix . $table),
|
|
|
|
'alias' => "{$type}{$i}",
|
|
|
|
'type' => 'LEFT',
|
|
|
|
'conditions' => array(
|
|
|
|
$db->name("{$type}{$i}.lft") . ' > ' . $db->name("{$type}{$j}.lft"),
|
|
|
|
$db->name("{$type}{$i}.rght") . ' < ' . $db->name("{$type}{$j}.rght"),
|
|
|
|
$db->name("{$type}{$i}.alias") . ' = ' . $db->value($alias))));
|
|
|
|
|
|
|
|
$queryData['conditions'] = array('or' => array(
|
|
|
|
$db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft") . ' AND ' . $db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght"),
|
|
|
|
$db->name("{$type}.lft") . ' <= ' . $db->name("{$type}{$i}.lft") . ' AND ' . $db->name("{$type}.rght") . ' >= ' . $db->name("{$type}{$i}.rght")));
|
2007-05-01 01:49:51 +00:00
|
|
|
}
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
$result = $db->read($this, $queryData, -1);
|
|
|
|
|
2007-05-01 01:49:51 +00:00
|
|
|
} elseif (is_object($ref) && is_a($ref, 'Model')) {
|
|
|
|
$ref = array('model' => $ref->name, 'foreign_key' => $ref->id);
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
|
2007-05-01 01:49:51 +00:00
|
|
|
} elseif (is_array($ref) && !(isset($ref['model']) && isset($ref['foreign_key']))) {
|
|
|
|
$name = key($ref);
|
|
|
|
if (!ClassRegistry::isKeySet($name)) {
|
|
|
|
if (!loadModel($name)) {
|
|
|
|
trigger_error("Model class '$name' not found in AclNode::node() when trying to bind {$this->name} object", E_USER_WARNING);
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
$model =& new $name();
|
|
|
|
} else {
|
|
|
|
$model =& ClassRegistry::getObject($name);
|
|
|
|
}
|
|
|
|
$tmpRef = null;
|
|
|
|
if (method_exists($model, 'bindNode')) {
|
|
|
|
$tmpRef = $model->bindNode($ref);
|
|
|
|
}
|
|
|
|
if (empty($tmpRef)) {
|
|
|
|
$ref = array('model' => $name, 'foreign_key' => $ref[$name][$model->primaryKey]);
|
|
|
|
} else {
|
|
|
|
if (is_string($tmpRef)) {
|
|
|
|
return $this->node($tmpRef);
|
|
|
|
}
|
|
|
|
$ref = $tmpRef;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (is_array($ref)) {
|
|
|
|
foreach ($ref as $key => $val) {
|
|
|
|
if (strpos($key, $type) !== 0) {
|
|
|
|
unset($ref[$key]);
|
|
|
|
$ref["{$type}0.{$key}"] = $val;
|
|
|
|
}
|
|
|
|
}
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
$queryData = array('conditions' => $ref,
|
|
|
|
'fields' => array('id', 'parent_id', 'model', 'foreign_key', 'alias'),
|
|
|
|
'joins' => array(array('table' => $db->name($prefix . $table),
|
|
|
|
'alias' => "{$type}0",
|
|
|
|
'type' => 'LEFT',
|
|
|
|
'conditions' => array(
|
|
|
|
$db->name("{$type}.lft") . ' <= ' . $db->name("{$type}0.lft"),
|
|
|
|
$db->name("{$type}.rght") . ' >= ' . $db->name("{$type}0.rght")))),
|
|
|
|
'order' => $db->name("{$type}.lft") . ' DESC');
|
|
|
|
$result = $db->read($this, $queryData, -1);
|
2007-05-01 01:49:51 +00:00
|
|
|
|
|
|
|
if (!$result) {
|
|
|
|
trigger_error("AclNode::node() - Couldn't find {$type} node identified by \"" . print_r($ref, true) . "\"", E_USER_WARNING);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Short description for file.
|
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.libs.model
|
|
|
|
*/
|
|
|
|
class Aco extends AclNode {
|
|
|
|
/**
|
|
|
|
* Model name
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
var $name = 'Aco';
|
|
|
|
/**
|
|
|
|
* Binds to ARO nodes through permissions settings
|
|
|
|
*
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
var $hasAndBelongsToMany = array('Aro' => array('with' => 'Permission'));
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Short description for file.
|
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.libs.model
|
|
|
|
*/
|
|
|
|
class AcoAction extends AppModel {
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $belongsTo = 'Aco';
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Short description for file.
|
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.libs.model
|
|
|
|
*/
|
|
|
|
class Aro extends AclNode {
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $name = 'Aro';
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $hasAndBelongsToMany = array('Aco' => array('with' => 'Permission'));
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Short description for file.
|
|
|
|
*
|
|
|
|
* Long description for file
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* @package cake
|
|
|
|
* @subpackage cake.cake.libs.model
|
|
|
|
*/
|
|
|
|
class Permission extends AppModel {
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $cacheQueries = false;
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $name = 'Permission';
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $useTable = 'aros_acos';
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $belongsTo = 'Aro,Aco';
|
|
|
|
/**
|
|
|
|
* Enter description here...
|
|
|
|
*
|
|
|
|
* @var unknown_type
|
|
|
|
*/
|
|
|
|
var $actsAs = null;
|
2007-10-14 01:09:21 +00:00
|
|
|
/**
|
|
|
|
* Constructor
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
function __construct() {
|
|
|
|
$config = Configure::read('Acl.database');
|
|
|
|
if(isset($config)) {
|
|
|
|
$this->useDbConfig = $config;
|
|
|
|
}
|
|
|
|
parent::__construct();
|
|
|
|
}
|
2007-05-01 01:49:51 +00:00
|
|
|
}
|
Fixes #2902, DB_ACL::allow allowing all when $actions is not an array.
Fixes #2988, AclComponent check() does not inherit permissions.
Fixes #3022, Inconsistent table alias quoting crashes Acl node lookup with PostgreSQL.
Fixes #3129, Console ACL Shell ACO View Broken
Fixes #3176, Problems with ACL support on Microsoft SQL Server.
Closes #3311 as invalid, DboSourceTest::testArrayConditionsParsing tests added
Fixes #3312, DB_ACL::check() fail returning right permission
Fixes #3344, Model->field adds incorrect condition under certain circumstances.
Fixes #3400, Cookie Component: When reading a non-existing key it throws a notice.
Fixes #3407, Since [5768] CookieComponent throws warning when used in beforeFilter().
Closes #3401, Added form test to ensure $Form->fields array is what the security component requires.
Updated AclComponentTest
Merged changes in app/ to cake/console/libs/templates/skel
Fixed generated link to Run More Test after running Group > All tests
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5776 3807eeeb-6ff5-0310-8944-8be069107fe0
2007-10-17 12:51:17 +00:00
|
|
|
?>
|