mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 11:28:25 +00:00
updating AclShell, added check comand, closes #2780
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6076 3807eeeb-6ff5-0310-8944-8be069107fe0
This commit is contained in:
parent
ad95d87d6d
commit
ff8faa5318
2 changed files with 73 additions and 33 deletions
|
@ -439,13 +439,12 @@ class ShellDispatcher {
|
||||||
function __parseParams($params) {
|
function __parseParams($params) {
|
||||||
$count = count($params);
|
$count = count($params);
|
||||||
for ($i = 0; $i < $count; $i++) {
|
for ($i = 0; $i < $count; $i++) {
|
||||||
if(isset($params[$i])) {
|
if (!empty($params[$i]) && $params[$i]{0} === '-') {
|
||||||
if ($params[$i]{0} === '-') {
|
|
||||||
$key = substr($params[$i], 1);
|
$key = substr($params[$i], 1);
|
||||||
$this->params[$key] = true;
|
$this->params[$key] = true;
|
||||||
unset($params[$i]);
|
unset($params[$i]);
|
||||||
if(isset($params[++$i])) {
|
if(isset($params[++$i])) {
|
||||||
if ($params[$i]{0} !== '-') {
|
if (!empty($params[$i]) && $params[$i]{0} !== '-') {
|
||||||
$this->params[$key] = str_replace('"', '', $params[$i]);
|
$this->params[$key] = str_replace('"', '', $params[$i]);
|
||||||
unset($params[$i]);
|
unset($params[$i]);
|
||||||
} else {
|
} else {
|
||||||
|
@ -459,7 +458,6 @@ class ShellDispatcher {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
/**
|
/**
|
||||||
* Removes first argument and shifts other arguments up
|
* Removes first argument and shifts other arguments up
|
||||||
*
|
*
|
||||||
|
|
|
@ -113,6 +113,7 @@ class AclShell extends Shell {
|
||||||
$out .= "\t - delete\n";
|
$out .= "\t - delete\n";
|
||||||
$out .= "\t - setParent\n";
|
$out .= "\t - setParent\n";
|
||||||
$out .= "\t - getPath\n";
|
$out .= "\t - getPath\n";
|
||||||
|
$out .= "\t - check\n";
|
||||||
$out .= "\t - grant\n";
|
$out .= "\t - grant\n";
|
||||||
$out .= "\t - deny\n";
|
$out .= "\t - deny\n";
|
||||||
$out .= "\t - inherit\n";
|
$out .= "\t - inherit\n";
|
||||||
|
@ -227,6 +228,21 @@ class AclShell extends Shell {
|
||||||
$this->out(str_repeat(' ', $i) . "[" . $nodes[$i][$class]['id'] . "]" . $nodes[$i][$class]['alias'] . "\n");
|
$this->out(str_repeat(' ', $i) . "[" . $nodes[$i][$class]['id'] . "]" . $nodes[$i][$class]['alias'] . "\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/**
|
||||||
|
* Check permission for a given ARO to a given ACO.
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function check() {
|
||||||
|
$this->_checkArgs(3, 'check');
|
||||||
|
extract($this->__getParams());
|
||||||
|
|
||||||
|
if ($this->Acl->check($aro, $aco, $action)) {
|
||||||
|
$this->out(sprintf(__("%s is allowed.", true), $aro), true);
|
||||||
|
} else {
|
||||||
|
$this->out(sprintf(__("%s is not allowed.", true), $aro), true);
|
||||||
|
}
|
||||||
|
}
|
||||||
/**
|
/**
|
||||||
* Grant permission for a given ARO to a given ACO.
|
* Grant permission for a given ARO to a given ACO.
|
||||||
*
|
*
|
||||||
|
@ -234,12 +250,12 @@ class AclShell extends Shell {
|
||||||
*/
|
*/
|
||||||
function grant() {
|
function grant() {
|
||||||
$this->_checkArgs(3, 'grant');
|
$this->_checkArgs(3, 'grant');
|
||||||
//add existence checks for nodes involved
|
extract($this->__getParams());
|
||||||
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
|
|
||||||
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
|
|
||||||
|
|
||||||
if ($this->Acl->allow($aro, $aco, $this->args[2])) {
|
if ($this->Acl->allow($aro, $aco, $action)) {
|
||||||
$this->out(__("Permission granted.", true), true);
|
$this->out(__("Permission granted.", true), true);
|
||||||
|
} else {
|
||||||
|
$this->out(__("Permission was not granted.", true), true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
|
@ -249,11 +265,13 @@ class AclShell extends Shell {
|
||||||
*/
|
*/
|
||||||
function deny() {
|
function deny() {
|
||||||
$this->_checkArgs(3, 'deny');
|
$this->_checkArgs(3, 'deny');
|
||||||
//add existence checks for nodes involved
|
extract($this->__getParams());
|
||||||
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
|
|
||||||
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
|
if ($this->Acl->deny($aro, $aco, $action)) {
|
||||||
$this->Acl->deny($aro, $aco, $this->args[2]);
|
$this->out(__("Permission denied.", true), true);
|
||||||
$this->out(__("Requested permission successfully denied.", true), true);
|
} else {
|
||||||
|
$this->out(__("Permission was not denied.", true), true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Set an ARO to inhermit permission to an ACO.
|
* Set an ARO to inhermit permission to an ACO.
|
||||||
|
@ -262,10 +280,13 @@ class AclShell extends Shell {
|
||||||
*/
|
*/
|
||||||
function inherit() {
|
function inherit() {
|
||||||
$this->_checkArgs(3, 'inherit');
|
$this->_checkArgs(3, 'inherit');
|
||||||
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
|
extract($this->__getParams());
|
||||||
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
|
|
||||||
$this->Acl->inherit($aro, $aco, $this->args[2]);
|
if ($this->Acl->inherit($aro, $aco, $action)) {
|
||||||
$this->out(__("Requested permission successfully inherited.", true), true);
|
$this->out(__("Permission inherited.", true), true);
|
||||||
|
} else {
|
||||||
|
$this->out(__("Permission was not inherited.", true), true);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Show a specific ARO/ACO node.
|
* Show a specific ARO/ACO node.
|
||||||
|
@ -351,18 +372,20 @@ class AclShell extends Shell {
|
||||||
"\t\t" . __("Returns the path to the ACL object specified by <node>. This command", true) . "\n" .
|
"\t\t" . __("Returns the path to the ACL object specified by <node>. This command", true) . "\n" .
|
||||||
"\t\t" . __("is useful in determining the inhertiance of permissions for a certain", true) . "\n" .
|
"\t\t" . __("is useful in determining the inhertiance of permissions for a certain", true) . "\n" .
|
||||||
"\t\t" . __("object in the tree.", true) . "\n",
|
"\t\t" . __("object in the tree.", true) . "\n",
|
||||||
|
'check' => "\check <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
|
||||||
|
"\t\t" . __("Use this command to check ACL permissions.", true) . "\n",
|
||||||
|
|
||||||
'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " '*' " . __("(quotes required)", true) . "\n" .
|
'grant' => "\tgrant <aro_id> <aco_id> [<aco_action>] " . __("or", true) . " all\n" .
|
||||||
"\t\t" . __("Use this command to grant ACL permissions. Once executed, the ARO", true) . "\n" .
|
"\t\t" . __("Use this command to grant ACL permissions. Once executed, the ARO", true) . "\n" .
|
||||||
"\t\t" . __("specified (and its children, if any) will have ALLOW access to the", true) . "\n" .
|
"\t\t" . __("specified (and its children, if any) will have ALLOW access to the", true) . "\n" .
|
||||||
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
|
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
|
||||||
|
|
||||||
'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]\n" .
|
'deny' => "\tdeny <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
|
||||||
"\t\t" . __("Use this command to deny ACL permissions. Once executed, the ARO", true) . "\n" .
|
"\t\t" . __("Use this command to deny ACL permissions. Once executed, the ARO", true) . "\n" .
|
||||||
"\t\t" . __("specified (and its children, if any) will have DENY access to the", true) . "\n" .
|
"\t\t" . __("specified (and its children, if any) will have DENY access to the", true) . "\n" .
|
||||||
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
|
"\t\t" . __("specified ACO action (and the ACO's children, if any).", true) . "\n",
|
||||||
|
|
||||||
'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]\n" .
|
'inherit' => "\tinherit <aro_id> <aco_id> [<aco_action>]" . __("or", true) . " all\n" .
|
||||||
"\t\t" . __("Use this command to force a child ARO object to inherit its", true) . "\n" .
|
"\t\t" . __("Use this command to force a child ARO object to inherit its", true) . "\n" .
|
||||||
"\t\t" . __("permissions settings from its parent.", true) . "\n",
|
"\t\t" . __("permissions settings from its parent.", true) . "\n",
|
||||||
|
|
||||||
|
@ -371,7 +394,7 @@ class AclShell extends Shell {
|
||||||
"\t\t" . __("id/alias parameter allows you to return only a portion of the requested tree.", true) . "\n",
|
"\t\t" . __("id/alias parameter allows you to return only a portion of the requested tree.", true) . "\n",
|
||||||
|
|
||||||
'initdb' => "\tinitdb\n".
|
'initdb' => "\tinitdb\n".
|
||||||
"\t\t" . __("Use this command to create the database tables needed to use DB ACL.", true) . "\n",
|
"\t\t" . __("Use this command : cake schema run create -name DbAcl", true) . "\n",
|
||||||
|
|
||||||
'help' => "\thelp [<command>]\n" .
|
'help' => "\thelp [<command>]\n" .
|
||||||
"\t\t" . __("Displays this help message, or a message on a specific command.", true) . "\n"
|
"\t\t" . __("Displays this help message, or a message on a specific command.", true) . "\n"
|
||||||
|
@ -422,6 +445,25 @@ class AclShell extends Shell {
|
||||||
}
|
}
|
||||||
return $possibility;
|
return $possibility;
|
||||||
}
|
}
|
||||||
|
/**
|
||||||
|
* get params for standard Acl methods
|
||||||
|
*
|
||||||
|
* @return array aro, aco, action
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function __getParams() {
|
||||||
|
$aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
|
||||||
|
$aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
|
||||||
|
|
||||||
|
$action = null;
|
||||||
|
if(isset($this->args[2])) {
|
||||||
|
$action = $this->args[2];
|
||||||
|
if ($action == '' || $action == 'all') {
|
||||||
|
$action = '*';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return compact('aro', 'aco', 'action');
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Build data parameters based on node type
|
* Build data parameters based on node type
|
||||||
|
|
Loading…
Reference in a new issue