mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 03:18:26 +00:00
Update code examples to be consistent with other docs.
This commit is contained in:
parent
cee56eaef7
commit
3a06e1f638
1 changed files with 42 additions and 30 deletions
|
@ -34,57 +34,69 @@
|
||||||
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
|
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
|
||||||
* done via a call to Acl->check() with
|
* done via a call to Acl->check() with
|
||||||
*
|
*
|
||||||
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
|
* {{{
|
||||||
|
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* as ARO and
|
* as ARO and
|
||||||
*
|
*
|
||||||
* '/controllers/invoices/delete'
|
* {{{
|
||||||
|
* '/controllers/invoices/delete'
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* as ACO.
|
* as ACO.
|
||||||
*
|
*
|
||||||
* If the configured map looks like
|
* If the configured map looks like
|
||||||
*
|
*
|
||||||
* $config['map'] = array(
|
* {{{
|
||||||
* 'User' => 'User/username',
|
* $config['map'] = array(
|
||||||
* 'Role' => 'User/group_id',
|
* 'User' => 'User/username',
|
||||||
* );
|
* 'Role' => 'User/group_id',
|
||||||
|
* );
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
|
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
|
||||||
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
|
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
|
||||||
* check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
|
* check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
|
||||||
* E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
|
* E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
|
||||||
*
|
*
|
||||||
* $config['alias'] = array(
|
* {{{
|
||||||
* 'Role/4' => 'Role/editor',
|
* $config['alias'] = array(
|
||||||
* );
|
* 'Role/4' => 'Role/editor',
|
||||||
|
* );
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
|
* In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
|
||||||
*
|
*
|
||||||
* $config['roles'] = array(
|
* {{{
|
||||||
* 'Role/admin' => null,
|
* $config['roles'] = array(
|
||||||
* 'Role/accountant' => null,
|
* 'Role/admin' => null,
|
||||||
* 'Role/editor' => null,
|
* 'Role/accountant' => null,
|
||||||
* 'Role/manager' => 'Role/editor, Role/accountant',
|
* 'Role/editor' => null,
|
||||||
* 'User/jeff' => 'Role/manager',
|
* 'Role/manager' => 'Role/editor, Role/accountant',
|
||||||
* );
|
* 'User/jeff' => 'Role/manager',
|
||||||
|
* );
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
|
* In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
|
||||||
* Lets define some rules:
|
* Lets define some rules:
|
||||||
*
|
*
|
||||||
* $config['rules'] = array(
|
* {{{
|
||||||
* 'allow' => array(
|
* $config['rules'] = array(
|
||||||
* '*' => 'Role/admin',
|
* 'allow' => array(
|
||||||
* 'controllers/users/(dashboard|profile)' => 'Role/default',
|
* '*' => 'Role/admin',
|
||||||
* 'controllers/invoices/*' => 'Role/accountant',
|
* 'controllers/users/(dashboard|profile)' => 'Role/default',
|
||||||
* 'controllers/articles/*' => 'Role/editor',
|
* 'controllers/invoices/*' => 'Role/accountant',
|
||||||
* 'controllers/users/*' => 'Role/manager',
|
* 'controllers/articles/*' => 'Role/editor',
|
||||||
* 'controllers/invoices/delete' => 'Role/manager',
|
* 'controllers/users/*' => 'Role/manager',
|
||||||
* ),
|
* 'controllers/invoices/delete' => 'Role/manager',
|
||||||
* 'deny' => array(
|
* ),
|
||||||
* 'controllers/invoices/delete' => 'Role/accountant, User/jeff',
|
* 'deny' => array(
|
||||||
* 'controllers/articles/(delete|publish)' => 'Role/editor',
|
* 'controllers/invoices/delete' => 'Role/accountant, User/jeff',
|
||||||
* ),
|
* 'controllers/articles/(delete|publish)' => 'Role/editor',
|
||||||
* );
|
* ),
|
||||||
|
* );
|
||||||
|
* }}}
|
||||||
*
|
*
|
||||||
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
|
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
|
||||||
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
|
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
|
||||||
|
|
Loading…
Reference in a new issue