updating AclShell, added check comand, closes #2780

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6076 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
gwoo 2007-11-25 15:27:42 +00:00
parent ad95d87d6d
commit ff8faa5318
2 changed files with 73 additions and 33 deletions

View file

@ -439,13 +439,12 @@ class ShellDispatcher {
function __parseParams($params) { function __parseParams($params) {
$count = count($params); $count = count($params);
for ($i = 0; $i < $count; $i++) { for ($i = 0; $i < $count; $i++) {
if(isset($params[$i])) { if (!empty($params[$i]) && $params[$i]{0} === '-') {
if ($params[$i]{0} === '-') {
$key = substr($params[$i], 1); $key = substr($params[$i], 1);
$this->params[$key] = true; $this->params[$key] = true;
unset($params[$i]); unset($params[$i]);
if(isset($params[++$i])) { if(isset($params[++$i])) {
if ($params[$i]{0} !== '-') { if (!empty($params[$i]) && $params[$i]{0} !== '-') {
$this->params[$key] = str_replace('"', '', $params[$i]); $this->params[$key] = str_replace('"', '', $params[$i]);
unset($params[$i]); unset($params[$i]);
} else { } else {
@ -459,7 +458,6 @@ class ShellDispatcher {
} }
} }
} }
}
/** /**
* Removes first argument and shifts other arguments up * Removes first argument and shifts other arguments up
* *

View file

@ -113,6 +113,7 @@ class AclShell extends Shell {
$out .= "\t - delete\n"; $out .= "\t - delete\n";
$out .= "\t - setParent\n"; $out .= "\t - setParent\n";
$out .= "\t - getPath\n"; $out .= "\t - getPath\n";
$out .= "\t - check\n";
$out .= "\t - grant\n"; $out .= "\t - grant\n";
$out .= "\t - deny\n"; $out .= "\t - deny\n";
$out .= "\t - inherit\n"; $out .= "\t - inherit\n";
@ -227,6 +228,21 @@ class AclShell extends Shell {
$this->out(str_repeat(' ', $i) . "[" . $nodes[$i][$class]['id'] . "]" . $nodes[$i][$class]['alias'] . "\n"); $this->out(str_repeat(' ', $i) . "[" . $nodes[$i][$class]['id'] . "]" . $nodes[$i][$class]['alias'] . "\n");
} }
} }
/**
* Check permission for a given ARO to a given ACO.
*
* @access public
*/
function check() {
$this->_checkArgs(3, 'check');
extract($this->__getParams());
if ($this->Acl->check($aro, $aco, $action)) {
$this->out(sprintf(__("%s is allowed.", true), $aro), true);
} else {
$this->out(sprintf(__("%s is not allowed.", true), $aro), true);
}
}
/** /**
* Grant permission for a given ARO to a given ACO. * Grant permission for a given ARO to a given ACO.
* *
@ -234,12 +250,12 @@ class AclShell extends Shell {
*/ */
function grant() { function grant() {
$this->_checkArgs(3, 'grant'); $this->_checkArgs(3, 'grant');
//add existence checks for nodes involved extract($this->__getParams());
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
if ($this->Acl->allow($aro, $aco, $this->args[2])) { if ($this->Acl->allow($aro, $aco, $action)) {
$this->out(__("Permission granted.", true), true); $this->out(__("Permission granted.", true), true);
} else {
$this->out(__("Permission was not granted.", true), true);
} }
} }
/** /**
@ -249,11 +265,13 @@ class AclShell extends Shell {
*/ */
function deny() { function deny() {
$this->_checkArgs(3, 'deny'); $this->_checkArgs(3, 'deny');
//add existence checks for nodes involved extract($this->__getParams());
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]); if ($this->Acl->deny($aro, $aco, $action)) {
$this->Acl->deny($aro, $aco, $this->args[2]); $this->out(__("Permission denied.", true), true);
$this->out(__("Requested permission successfully denied.", true), true); } else {
$this->out(__("Permission was not denied.", true), true);
}
} }
/** /**
* Set an ARO to inhermit permission to an ACO. * Set an ARO to inhermit permission to an ACO.
@ -262,10 +280,13 @@ class AclShell extends Shell {
*/ */
function inherit() { function inherit() {
$this->_checkArgs(3, 'inherit'); $this->_checkArgs(3, 'inherit');
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]); extract($this->__getParams());
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
$this->Acl->inherit($aro, $aco, $this->args[2]); if ($this->Acl->inherit($aro, $aco, $action)) {
$this->out(__("Requested permission successfully inherited.", true), true); $this->out(__("Permission inherited.", true), true);
} else {
$this->out(__("Permission was not inherited.", true), true);
}
} }
/** /**
* Show a specific ARO/ACO node. * Show a specific ARO/ACO node.
@ -351,18 +372,20 @@ class AclShell extends Shell {
"\t\t" . __("Returns the path to the ACL object specified by <node>. This command", true) . "\n" . "\t\t" . __("Returns the path to the ACL object specified by <node>. This command", true) . "\n" .
"\t\t" . __("is useful in determining the inhertiance of permissions for a certain", true) . "\n" . "\t\t" . __("is useful in determining the inhertiance of permissions for a certain", true) . "\n" .
"\t\t" . __("object in the tree.", true) . "\n", "\t\t" . __("object in the tree.", true) . "\n",
'check' => "\check <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
"\t\t" . __("Use this command to check ACL permissions.", true) . "\n",
'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " '*' " . __("(quotes required)", true) . "\n" . 'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
"\t\t" . __("Use this command to grant ACL permissions. Once executed, the ARO", true) . "\n" . "\t\t" . __("Use this command to grant ACL permissions. Once executed, the ARO", true) . "\n" .
"\t\t" . __("specified (and its children, if any) will have ALLOW access to the", true) . "\n" . "\t\t" . __("specified (and its children, if any) will have ALLOW access to the", true) . "\n" .
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n", "\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]\n" . 'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
"\t\t" . __("Use this command to deny ACL permissions. Once executed, the ARO", true) . "\n" . "\t\t" . __("Use this command to deny ACL permissions. Once executed, the ARO", true) . "\n" .
"\t\t" . __("specified (and its children, if any) will have DENY access to the", true) . "\n" . "\t\t" . __("specified (and its children, if any) will have DENY access to the", true) . "\n" .
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n", "\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]\n" . 'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
"\t\t" . __("Use this command to force a child ARO object to inherit its", true) . "\n" . "\t\t" . __("Use this command to force a child ARO object to inherit its", true) . "\n" .
"\t\t" . __("permissions settings from its parent.", true) . "\n", "\t\t" . __("permissions settings from its parent.", true) . "\n",
@ -371,7 +394,7 @@ class AclShell extends Shell {
"\t\t" . __("id/alias parameter allows you to return only a portion of the requested tree.", true) . "\n", "\t\t" . __("id/alias parameter allows you to return only a portion of the requested tree.", true) . "\n",
'initdb' => "\tinitdb\n". 'initdb' => "\tinitdb\n".
"\t\t" . __("Use this command to create the database tables needed to use DB ACL.", true) . "\n", "\t\t" . __("Use this command : cake schema run create -name DbAcl", true) . "\n",
'help' => "\thelp [<command>]\n" . 'help' => "\thelp [<command>]\n" .
"\t\t" . __("Displays this help message, or a message on a specific command.", true) . "\n" "\t\t" . __("Displays this help message, or a message on a specific command.", true) . "\n"
@ -422,6 +445,25 @@ class AclShell extends Shell {
} }
return $possibility; return $possibility;
} }
/**
* get params for standard Acl methods
*
* @return array aro, aco, action
* @access private
*/
function __getParams() {
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
$action = null;
if(isset($this->args[2])) {
$action = $this->args[2];
if ($action == '' || $action == 'all') {
$action = '*';
}
}
return compact('aro', 'aco', 'action');
}
/** /**
* Build data parameters based on node type * Build data parameters based on node type