updating AclShell, added check comand, closes #2780

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6076 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
gwoo 2007-11-25 15:27:42 +00:00
parent ad95d87d6d
commit ff8faa5318
2 changed files with 73 additions and 33 deletions

View file

@ -439,24 +439,22 @@ class ShellDispatcher {
function __parseParams($params) {
$count = count($params);
for ($i = 0; $i < $count; $i++) {
if(isset($params[$i])) {
if ($params[$i]{0} === '-') {
$key = substr($params[$i], 1);
$this->params[$key] = true;
unset($params[$i]);
if(isset($params[++$i])) {
if ($params[$i]{0} !== '-') {
$this->params[$key] = str_replace('"', '', $params[$i]);
unset($params[$i]);
} else {
$i--;
$this->__parseParams($params);
}
if (!empty($params[$i]) && $params[$i]{0} === '-') {
$key = substr($params[$i], 1);
$this->params[$key] = true;
unset($params[$i]);
if(isset($params[++$i])) {
if (!empty($params[$i]) && $params[$i]{0} !== '-') {
$this->params[$key] = str_replace('"', '', $params[$i]);
unset($params[$i]);
} else {
$i--;
$this->__parseParams($params);
}
} else {
$this->args[] = $params[$i];
unset($params[$i]);
}
} else {
$this->args[] = $params[$i];
unset($params[$i]);
}
}
}

View file

@ -113,6 +113,7 @@ class AclShell extends Shell {
$out .= "\t - delete\n";
$out .= "\t - setParent\n";
$out .= "\t - getPath\n";
$out .= "\t - check\n";
$out .= "\t - grant\n";
$out .= "\t - deny\n";
$out .= "\t - inherit\n";
@ -227,6 +228,21 @@ class AclShell extends Shell {
$this->out(str_repeat(' ', $i) . "[" . $nodes[$i][$class]['id'] . "]" . $nodes[$i][$class]['alias'] . "\n");
}
}
/**
* Check permission for a given ARO to a given ACO.
*
* @access public
*/
function check() {
$this->_checkArgs(3, 'check');
extract($this->__getParams());
if ($this->Acl->check($aro, $aco, $action)) {
$this->out(sprintf(__("%s is allowed.", true), $aro), true);
} else {
$this->out(sprintf(__("%s is not allowed.", true), $aro), true);
}
}
/**
* Grant permission for a given ARO to a given ACO.
*
@ -234,12 +250,12 @@ class AclShell extends Shell {
*/
function grant() {
$this->_checkArgs(3, 'grant');
//add existence checks for nodes involved
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
extract($this->__getParams());
if ($this->Acl->allow($aro, $aco, $this->args[2])) {
if ($this->Acl->allow($aro, $aco, $action)) {
$this->out(__("Permission granted.", true), true);
} else {
$this->out(__("Permission was not granted.", true), true);
}
}
/**
@ -249,11 +265,13 @@ class AclShell extends Shell {
*/
function deny() {
$this->_checkArgs(3, 'deny');
//add existence checks for nodes involved
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
$this->Acl->deny($aro, $aco, $this->args[2]);
$this->out(__("Requested permission successfully denied.", true), true);
extract($this->__getParams());
if ($this->Acl->deny($aro, $aco, $action)) {
$this->out(__("Permission denied.", true), true);
} else {
$this->out(__("Permission was not denied.", true), true);
}
}
/**
* Set an ARO to inhermit permission to an ACO.
@ -262,10 +280,13 @@ class AclShell extends Shell {
*/
function inherit() {
$this->_checkArgs(3, 'inherit');
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
$this->Acl->inherit($aro, $aco, $this->args[2]);
$this->out(__("Requested permission successfully inherited.", true), true);
extract($this->__getParams());
if ($this->Acl->inherit($aro, $aco, $action)) {
$this->out(__("Permission inherited.", true), true);
} else {
$this->out(__("Permission was not inherited.", true), true);
}
}
/**
* Show a specific ARO/ACO node.
@ -351,18 +372,20 @@ class AclShell extends Shell {
"\t\t" . __("Returns the path to the ACL object specified by <node>. This command", true) . "\n" .
"\t\t" . __("is useful in determining the inhertiance of permissions for a certain", true) . "\n" .
"\t\t" . __("object in the tree.", true) . "\n",
'check' => "\check <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
"\t\t" . __("Use this command to check ACL permissions.", true) . "\n",
'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " '*' " . __("(quotes required)", true) . "\n" .
'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
"\t\t" . __("Use this command to grant ACL permissions. Once executed, the ARO", true) . "\n" .
"\t\t" . __("specified (and its children, if any) will have ALLOW access to the", true) . "\n" .
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]\n" .
'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
"\t\t" . __("Use this command to deny ACL permissions. Once executed, the ARO", true) . "\n" .
"\t\t" . __("specified (and its children, if any) will have DENY access to the", true) . "\n" .
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]\n" .
'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
"\t\t" . __("Use this command to force a child ARO object to inherit its", true) . "\n" .
"\t\t" . __("permissions settings from its parent.", true) . "\n",
@ -371,7 +394,7 @@ class AclShell extends Shell {
"\t\t" . __("id/alias parameter allows you to return only a portion of the requested tree.", true) . "\n",
'initdb' => "\tinitdb\n".
"\t\t" . __("Use this command to create the database tables needed to use DB ACL.", true) . "\n",
"\t\t" . __("Use this command : cake schema run create -name DbAcl", true) . "\n",
'help' => "\thelp [<command>]\n" .
"\t\t" . __("Displays this help message, or a message on a specific command.", true) . "\n"
@ -422,6 +445,25 @@ class AclShell extends Shell {
}
return $possibility;
}
/**
* get params for standard Acl methods
*
* @return array aro, aco, action
* @access private
*/
function __getParams() {
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
$action = null;
if(isset($this->args[2])) {
$action = $this->args[2];
if ($action == '' || $action == 'all') {
$action = '*';
}
}
return compact('aro', 'aco', 'action');
}
/**
* Build data parameters based on node type