mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 03:18:26 +00:00
allow multiple roles for a rule to be specified as string or array
This commit is contained in:
parent
ef5eead038
commit
95a41af9db
2 changed files with 18 additions and 8 deletions
|
@ -300,13 +300,19 @@ class PhpAco {
|
|||
$tree = array();
|
||||
$root = &$tree;
|
||||
|
||||
foreach ($allow as $dotPath => $commaSeparatedAros) {
|
||||
$aros = array_map('trim', explode(',', $commaSeparatedAros));
|
||||
foreach ($allow as $dotPath => $aros) {
|
||||
if (is_string($aros)) {
|
||||
$aros = array_map('trim', explode(',', $aros));
|
||||
}
|
||||
|
||||
$this->access($aros, $dotPath, null, 'allow');
|
||||
}
|
||||
|
||||
foreach ($deny as $dotPath => $commaSeparatedAros) {
|
||||
$aros = array_map('trim', explode(',', $commaSeparatedAros));
|
||||
foreach ($deny as $dotPath => $aros) {
|
||||
if (is_string($aros)) {
|
||||
$aros = array_map('trim', explode(',', $aros));
|
||||
}
|
||||
|
||||
$this->access($aros, $dotPath, null, 'deny');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
|
||||
|
||||
// -------------------------------------
|
||||
// AROs
|
||||
// Roles
|
||||
// -------------------------------------
|
||||
$config['roles'] = array(
|
||||
'Role/admin' => null,
|
||||
|
@ -30,6 +30,7 @@ $config['roles'] = array(
|
|||
'Role/sales' => null,
|
||||
'Role/data_analyst' => 'Role/data_acquirer, Role/database_manager',
|
||||
'Role/reports' => 'Role/data_analyst',
|
||||
// allow inherited roles to be defined as an array or comma separated list
|
||||
'Role/manager' => array(
|
||||
'Role/accounting',
|
||||
'Role/sales',
|
||||
|
@ -49,7 +50,7 @@ $config['roles'] = array(
|
|||
);
|
||||
|
||||
//-------------------------------------
|
||||
// ACOs
|
||||
// Rules
|
||||
//-------------------------------------
|
||||
$config['rules']['allow'] = array(
|
||||
'/*' => 'Role/admin',
|
||||
|
@ -67,6 +68,9 @@ $config['rules']['allow'] = array(
|
|||
);
|
||||
$config['rules']['deny'] = array(
|
||||
// accountants and sales should not delete anything
|
||||
'/controllers/*/delete' => 'Role/sales, Role/accounting',
|
||||
'/controllers/db/drop' => 'User/db_manager_2',
|
||||
'/controllers/*/delete' => array(
|
||||
'Role/sales',
|
||||
'Role/accounting'
|
||||
),
|
||||
'/controllers/db/drop' => 'User/db_manager_2',
|
||||
);
|
||||
|
|
Loading…
Reference in a new issue