adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-03-12 20:49:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Adding documentation to AclComponent and AuthComponent.

Browse source 
Removed unused method DB_ACL::__getObject()

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@5854 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
mariano.iglesias 2007-10-22 06:58:51 +00:00
parent 91b8d00aea
commit 654ff430d4
2 changed files with 168 additions and 129 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

234
cake/libs/controller/components/acl.php
View file

@ -35,8 +35,13 @@
* @subpackage cake.cake.libs.controller.components
*/
class AclComponent extends Object {
var $_instance = null;
/**
* Instance of an ACL class
*
* @var object
* @access protected
*/
var $_Instance = null;
/**
* Constructor. Will return an instance of the correct ACL class.
*
@ -53,12 +58,15 @@ class AclComponent extends Object {
trigger_error(sprintf(__('Could not find %s.', true), $name), E_USER_WARNING);
}
}
$this->_instance =& new $name();
$this->_instance->initialize($this);
$this->_Instance =& new $name();
$this->_Instance->initialize($this);
}
/**
* startup is not used
* Startup is not used
*
* @param object $controller Controller using this component
* @return boolean Proceed with component usage (true), or fail (false)
* @access public
*/
function startup(&$controller) {
return true;
@ -66,109 +74,123 @@ class AclComponent extends Object {
/**
* Empty class defintion, to be overridden in subclasses.
*
* @access protected
*/
function _initACL() {
}
/**
* Pass-thru function for ACL check instance.
*
* @param string $aro
* @param string $aco
* @param string $action : default = *
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function check($aro, $aco, $action = "*") {
return $this->_instance->check($aro, $aco, $action);
return $this->_Instance->check($aro, $aco, $action);
}
/**
* Pass-thru function for ACL allow instance.
*
* @param string $aro
* @param string $aco
* @param string $action : default = *
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function allow($aro, $aco, $action = "*") {
return $this->_instance->allow($aro, $aco, $action);
return $this->_Instance->allow($aro, $aco, $action);
}
/**
* Pass-thru function for ACL deny instance.
*
* @param string $aro
* @param string $aco
* @param string $action : default = *
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function deny($aro, $aco, $action = "*") {
return $this->_instance->deny($aro, $aco, $action);
return $this->_Instance->deny($aro, $aco, $action);
}
/**
* Pass-thru function for ACL inherit instance.
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function inherit($aro, $aco, $action = "*") {
return $this->_instance->inherit($aro, $aco, $action);
return $this->_Instance->inherit($aro, $aco, $action);
}
/**
* Pass-thru function for ACL grant instance.
*
* @param string $aro
* @param string $aco
* @param string $action : default = *
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function grant($aro, $aco, $action = "*") {
return $this->_instance->grant($aro, $aco, $action);
return $this->_Instance->grant($aro, $aco, $action);
}
/**
* Pass-thru function for ACL grant instance.
*
* @param string $aro
* @param string $aco
* @param string $action : default = *
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return bool Success
* @access public
*/
function revoke($aro, $aco, $action = "*") {
return $this->_instance->revoke($aro, $aco, $action);
return $this->_Instance->revoke($aro, $aco, $action);
}
/**
* Sets the current ARO instance to object from getAro
*
* @param string $id
* @return bool
* @param string $id ID of ARO
* @return bool Success
* @access public
*/
function setAro($id) {
return $this->Aro = $this->_instance->getAro($id);
return $this->Aro = $this->_Instance->getAro($id);
}
/**
* Sets the current ACO instance to object from getAco
*
* @param string $id
* @return bool
* @param string $id ID of ACO
* @return bool Success
* @access public
*/
function setAco($id) {
return $this->Aco = $this->_instance->getAco($id);
return $this->Aco = $this->_Instance->getAco($id);
}
/**
* Pass-thru function for ACL getAro instance
* that gets an ARO object from the given id or alias
*
* @param string $id
* @return Aro
* @param string $id ARO id
* @return object ARO
* @access public
*/
function getAro($id) {
return $this->_instance->getAro($id);
return $this->_Instance->getAro($id);
}
/**
* Pass-thru function for ACL getAco instance.
* that gets an ACO object from the given id or alias
*
* @param string $id
* @return Aco
* @param string $id ACO id
* @return object ACO
* @access public
*/
function getAco($id) {
return $this->_instance->getAco($id);
return $this->_Instance->getAco($id);
}
}
/**
@ -183,7 +205,6 @@ class AclBase extends Object {
/**
* This class should never be instantiated, just subclassed.
*
* @return AclBase
*/
function __construct() {
if (strcasecmp(get_class($this), "AclBase") == 0 || !is_subclass_of($this, "AclBase")) {
@ -194,16 +215,18 @@ class AclBase extends Object {
/**
* Empty method to be overridden in subclasses
*
* @param unknown_type $aro
* @param unknown_type $aco
* @param string $action
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @access public
*/
function check($aro, $aco, $action = "*") {
}
/**
* Empty method to be overridden in subclasses
*
* @param unknown_type $component
* @param object $component Component
* @access public
*/
function initialize(&$component) {
}
@ -229,21 +252,22 @@ class DB_ACL extends AclBase {
* Enter description here...
*
* @param object $component
* @access public
*/
function initialize(&$component) {
$component->Aro = $this->Aro;
$component->Aco = $this->Aco;
}
/**
* Enter description here...
* Checks if the given $aro has access to action $action in $aco
*
* @param unknown_type $aro
* @param unknown_type $aco
* @param unknown_type $action
* @return unknown
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @return boolean Success (true if ARO has access to action in ACO, false otherwise)
* @access public
*/
function check($aro, $aco, $action = "*") {
if ($aro == null || $aco == null) {
return false;
}
@ -314,9 +338,14 @@ class DB_ACL extends AclBase {
return false;
}
/**
* Allow
* Allow $aro to have access to action $actions in $aco
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $actions Action (defaults to *)
* @param int $value Value to indicate access type (1 to give access, -1 to deny, 0 to inherit)
* @return boolean Success
* @access public
*/
function allow($aro, $aco, $actions = "*", $value = 1) {
$perms = $this->getAclLink($aro, $aco);
@ -364,63 +393,62 @@ class DB_ACL extends AclBase {
return $this->Aro->Permission->save();
}
/**
* Deny
* Deny access for $aro to action $action in $aco
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $actions Action (defaults to *)
* @return boolean Success
* @access public
*/
function deny($aro, $aco, $action = "*") {
return $this->allow($aro, $aco, $action, -1);
}
/**
* Inherit
* Let access for $aro to action $action in $aco be inherited
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $actions Action (defaults to *)
* @return boolean Success
* @access public
*/
function inherit($aro, $aco, $action = "*") {
return $this->allow($aro, $aco, $action, 0);
}
/**
* Allow alias
* Allow $aro to have access to action $actions in $aco
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $actions Action (defaults to *)
* @return boolean Success
* @see allow()
* @access public
*/
function grant($aro, $aco, $action = "*") {
return $this->allow($aro, $aco, $action);
}
/**
* Deny alias
* Deny access for $aro to action $action in $aco
*
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $actions Action (defaults to *)
* @return boolean Success
* @see deny()
* @access public
*/
function revoke($aro, $aco, $action = "*") {
return $this->deny($aro, $aco, $action);
}
/**
* Private method
*
*/
function &__getObject($id = null, $object) {
if ($id == null) {
trigger_error(__('Null id provided in DB_ACL::get', true) . $object, E_USER_WARNING);
return null;
}
if (is_numeric($id)) {
$conditions = array("{$object}.foreign_key" => $id);
} else {
$conditions = array("{$object}.alias" => $id);
}
$tmp = $this->{$object}->find($conditions);
$this->{$object}->id = $tmp[$object]['id'];
return $this->{$object};
}
/**
* Get an array of access-control links between the given Aro and Aco
*
* @param mixed $aro
* @param mixed $aco
* @return array
* @param string $aro ARO
* @param string $aco ACO
* @return array Indexed array with: 'aro', 'aco' and 'link'
* @access public
*/
function getAclLink($aro, $aco) {
$obj = array();
@ -441,10 +469,11 @@ class DB_ACL extends AclBase {
);
}
/**
* Enter description here...
* Get the keys used in an ACO
*
* @param unknown_type $keys
* @return unknown
* @param array $keys Permission model info
* @return array ACO keys
* @access protected
*/
function _getAcoKeys($keys) {
$newKeys = array();
@ -467,6 +496,9 @@ class DB_ACL extends AclBase {
class INI_ACL extends AclBase {
/**
* Array with configuration, parsed from ini file
*
* @var array
* @access public
*/
var $config = null;
/**
@ -479,9 +511,11 @@ class INI_ACL extends AclBase {
* Main ACL check function. Checks to see if the ARO (access request object) has access to the ACO (access control object).
* Looks at the acl.ini.php file for permissions (see instructions in /config/acl.ini.php).
*
* @param string $aro
* @param string $aco
* @return bool
* @param string $aro ARO
* @param string $aco ACO
* @param string $aco_action Action
* @return bool Success
* @access public
*/
function check($aro, $aco, $aco_action = null) {
if ($this->config == null) {
@ -533,8 +567,9 @@ class INI_ACL extends AclBase {
/**
* Parses an INI file and returns an array that reflects the INI file's section structure. Double-quote friendly.
*
* @param string $fileName
* @return array
* @param string $fileName File
* @return array INI section structure
* @access public
*/
function readConfigFile($fileName) {
$fileLineArray = file($fileName);
@ -574,8 +609,9 @@ class INI_ACL extends AclBase {
/**
* Removes trailing spaces on all array elements (to prepare for searching)
*
* @param array $array
* @return array
* @param array $array Array to trim
* @return array Trimmed array
* @access public
*/
function arrayTrim($array) {
foreach ($array as $key => $value) {
@ -585,4 +621,4 @@ class INI_ACL extends AclBase {
return $array;
}
}
?>
?>

63
cake/libs/controller/components/auth.php
View file

@ -46,7 +46,6 @@ class AuthComponent extends Object {
* @access private
*/
var $_loggedIn = false;
/**
* Other components utilized by AuthComponent
*
@ -158,7 +157,6 @@ class AuthComponent extends Object {
* @access public
*/
var $object = null;
/**
* Error to display when user login fails. For security purposes, only one error is used for all
* login failures, so as not to expose information on why the login failed.
@ -221,8 +219,8 @@ class AuthComponent extends Object {
/**
* Initializes AuthComponent for use in the controller
*
* @access public
* @param object $controller A reference to the instantiating controller object
* @access public
*/
function initialize(&$controller) {
$this->params = $controller->params;
@ -254,8 +252,8 @@ class AuthComponent extends Object {
* Main execution method. Handles redirecting of invalid users, and processing
* of login form data.
*
* @access public
* @param object $controller A reference to the instantiating controller object
* @access public
*/
function startup(&$controller) {
if (low($controller->name) == 'app' || (low($controller->name) == 'tests' && Configure::read() > 0)) {
@ -361,8 +359,8 @@ class AuthComponent extends Object {
* Attempts to introspect the correct values for object properties including
* $userModel and $sessionKey.
*
* @access private
* @param object $controller A reference to the instantiating controller object
* @access private
*/
function __setDefaults() {
if (empty($this->userModel)) {
@ -391,11 +389,11 @@ class AuthComponent extends Object {
* array('model'=> 'name'); will validate mapActions against model $name::isAuthorize(user, controller, mapAction)
* 'object' will validate Controller::action against object::isAuthorized(user, controller, action)
*
* @access public
* @param string $type
* @param string $type Type of authorization
* @param mixed $object object, model object, or model name
* @param mixed $user The user to check the authorization of
* @param mixed $user The user to check the authorization of
* @return bool True if $user is authorized, otherwise false
* @access public
*/
function isAuthorized($type = null, $object = null, $user = null) {
if (empty($user) && !$this->user()) {
@ -460,10 +458,11 @@ class AuthComponent extends Object {
return $valid;
}
/**
* Get authorization type
*
* @param string $auth Type of authorization
* @return array Associative array with: type, object
* @access private
* @param string $auth
* @return type, object, asssoc
*/
function __authType($auth = null) {
if ($auth == null) {
@ -483,10 +482,10 @@ class AuthComponent extends Object {
* Takes a list of actions in the current controller for which authentication is not required, or
* no parameters to allow all actions.
*
* @access public
* @param string $action Controller action name
* @param string $action Controller action name
* @param string ... etc.
* @access public
*/
function allow() {
$args = func_get_args();
@ -499,11 +498,11 @@ class AuthComponent extends Object {
/**
* Removes items from the list of allowed actions.
*
* @access public
* @param string $action Controller action name
* @param string $action Controller action name
* @param string ... etc.
* @see AuthComponent::allow()
* @access public
*/
function deny() {
$args = func_get_args();
@ -516,9 +515,9 @@ class AuthComponent extends Object {
$this->allowedActions = array_values($this->allowedActions);
}
/**
* Maps action names to CRUD operations. Used for controller-based authentication.
* Maps action names to CRUD operations. Used for controller-based authentication.
*
* @param array $map
* @param array $map Actions to map
* @access public
*/
function mapActions($map = array()) {
@ -541,9 +540,9 @@ class AuthComponent extends Object {
* After (if) login is successful, the user record is written to the session key specified in
* AuthComponent::$sessionKey.
*
* @access public
* @param mixed $data User object
* @return bool True on login success, false on failure
* @access public
*/
function login($data = null) {
$this->__setDefaults();
@ -562,10 +561,10 @@ class AuthComponent extends Object {
/**
* Logs a user out, and returns the login action to redirect to.
*
* @access public
* @param mixed $url Optional URL to redirect the user to after logout
* @return string AuthComponent::$loginAction
* @see AuthComponent::$loginAction
* @access public
*/
function logout() {
$this->__setDefaults();
@ -577,8 +576,8 @@ class AuthComponent extends Object {
/**
* Get the current user from the session.
*
* @access public
* @return array User record, or null if no user is logged in.
* @access public
*/
function user($key = null) {
$this->__setDefaults();
@ -601,8 +600,8 @@ class AuthComponent extends Object {
* If no parameter is passed, gets the authentication redirect URL.
*
* @param mixed $url Optional URL to write as the login redirect URL.
* @access public
* @return string Redirect URL
* @access public
*/
function redirect($url = null) {
if (!is_null($url)) {
@ -623,14 +622,15 @@ class AuthComponent extends Object {
/**
* Validates a user against an abstract object.
*
* @access public
* @param mixed $object The object to validate the user against.
* @param mixed $user Optional. The identity of the user to be validated.
* Uses the current user session if none specified. For
* valid forms of identifying users, see
* AuthComponent::identify().
* @param string $action Optional. The action to validate against.
* @see AuthComponent::identify()
* @return bool True if the user validates, false otherwise.
* @access public
*/
function validate($object, $user = null, $action = null) {
if (empty($user)) {
@ -645,11 +645,11 @@ class AuthComponent extends Object {
/**
* Returns the path to the ACO node bound to a controller/action.
*
* @access public
* @param string $action Optional. The controller/action path to validate the
* user against. The current request action is used if
* none is specified.
* @return bool ACO node path
* @access public
*/
function action($action = ':controller/:action') {
return r(
@ -659,11 +659,12 @@ class AuthComponent extends Object {
);
}
/**
* Returns a reference to the model object specified by $userModel, and attempts
* Returns a reference to the model object specified, and attempts
* to load it if it is not found.
*
* @param string $name Model name (defaults to AuthComponent::$userModel)
* @return object A reference to a model object
* @access public
* @return object A reference to a model object.
*/
function &getModel($name = null) {
$model = null;
@ -697,10 +698,10 @@ class AuthComponent extends Object {
/**
* Identifies a user based on specific criteria.
*
* @access public
* @param mixed $user Optional. The identity of the user to be validated.
* Uses the current user session if none specified.
* @return array User record data, or null, if the user could not be identified.
* @access public
*/
function identify($user = null) {
if (empty($user)) {
@ -764,10 +765,9 @@ class AuthComponent extends Object {
/**
* Hash any passwords found in $data using $userModel and $fields['password']
*
* @param array $data Set of data to look for passwords
* @return array Data with passwords hashed
* @access public
* @param array $data
* @param array $hash sha1, sha256, md5
* @return array
*/
function hashPasswords($data) {
if (is_object($this->authenticate) && method_exists($this->authenticate, 'hashPasswords')) {
@ -784,10 +784,9 @@ class AuthComponent extends Object {
/**
* Hash a password with the application's salt value (as defined with Configure::write('Security.salt');
*
* @param string $password Password to hash
* @return string Hashed password
* @access public
* @param string $password
* @param array $hash sha1, sha256, md5
* @return string
*/
function password($password) {
return Security::hash(Configure::read('Security.salt') . $password);
@ -795,8 +794,8 @@ class AuthComponent extends Object {
/**
* Component shutdown. If user is logged in, wipe out redirect.
*
* @param object $controller Instantiating controller
* @access public
* @param object $controller
*/
function shutdown(&$controller) {
if ($this->_loggedIn) {
@ -804,6 +803,10 @@ class AuthComponent extends Object {
}
}
/**
* Normalizes a URL
*
* @param string $url URL to normalize
* @return string Normalized URL
* @access protected
*/
function _normalizeURL($url = '/') {