mirror of
https://github.com/brmlab/brmbiolab_sklad.git
synced 2025-06-09 13:44:00 +02:00
Initial commit
This commit is contained in:
commit
3b93da31de
1004 changed files with 265840 additions and 0 deletions
174
lib/Cake/Controller/Component/Acl/IniAcl.php
Normal file
174
lib/Cake/Controller/Component/Acl/IniAcl.php
Normal file
|
@ -0,0 +1,174 @@
|
|||
<?php
|
||||
/**
|
||||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
||||
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
*
|
||||
* Licensed under The MIT License
|
||||
* For full copyright and license information, please see the LICENSE.txt
|
||||
* Redistributions of files must retain the above copyright notice.
|
||||
*
|
||||
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
||||
* @link http://cakephp.org CakePHP(tm) Project
|
||||
* @package Cake.Controller.Component.Acl
|
||||
* @since CakePHP(tm) v 0.10.0.1076
|
||||
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
||||
*/
|
||||
|
||||
App::uses('AclInterface', 'Controller/Component/Acl');
|
||||
|
||||
/**
|
||||
* IniAcl implements an access control system using an INI file. An example
|
||||
* of the ini file used can be found in /config/acl.ini.php.
|
||||
*
|
||||
* @package Cake.Controller.Component.Acl
|
||||
*/
|
||||
class IniAcl extends Object implements AclInterface {
|
||||
|
||||
/**
|
||||
* Array with configuration, parsed from ini file
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $config = null;
|
||||
|
||||
/**
|
||||
* The Hash::extract() path to the user/aro identifier in the
|
||||
* acl.ini file. This path will be used to extract the string
|
||||
* representation of a user used in the ini file.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
public $userPath = 'User.username';
|
||||
|
||||
/**
|
||||
* Initialize method
|
||||
*
|
||||
* @param Component $component The AclComponent instance.
|
||||
* @return void
|
||||
*/
|
||||
public function initialize(Component $component) {
|
||||
}
|
||||
|
||||
/**
|
||||
* No op method, allow cannot be done with IniAcl
|
||||
*
|
||||
* @param string $aro ARO The requesting object identifier.
|
||||
* @param string $aco ACO The controlled object identifier.
|
||||
* @param string $action Action (defaults to *)
|
||||
* @return bool Success
|
||||
*/
|
||||
public function allow($aro, $aco, $action = "*") {
|
||||
}
|
||||
|
||||
/**
|
||||
* No op method, deny cannot be done with IniAcl
|
||||
*
|
||||
* @param string $aro ARO The requesting object identifier.
|
||||
* @param string $aco ACO The controlled object identifier.
|
||||
* @param string $action Action (defaults to *)
|
||||
* @return bool Success
|
||||
*/
|
||||
public function deny($aro, $aco, $action = "*") {
|
||||
}
|
||||
|
||||
/**
|
||||
* No op method, inherit cannot be done with IniAcl
|
||||
*
|
||||
* @param string $aro ARO The requesting object identifier.
|
||||
* @param string $aco ACO The controlled object identifier.
|
||||
* @param string $action Action (defaults to *)
|
||||
* @return bool Success
|
||||
*/
|
||||
public function inherit($aro, $aco, $action = "*") {
|
||||
}
|
||||
|
||||
/**
|
||||
* Main ACL check function. Checks to see if the ARO (access request object) has access to the
|
||||
* ACO (access control object).Looks at the acl.ini.php file for permissions
|
||||
* (see instructions in /config/acl.ini.php).
|
||||
*
|
||||
* @param string $aro ARO
|
||||
* @param string $aco ACO
|
||||
* @param string $action Action
|
||||
* @return bool Success
|
||||
*/
|
||||
public function check($aro, $aco, $action = null) {
|
||||
if (!$this->config) {
|
||||
$this->config = $this->readConfigFile(APP . 'Config' . DS . 'acl.ini.php');
|
||||
}
|
||||
$aclConfig = $this->config;
|
||||
|
||||
if (is_array($aro)) {
|
||||
$aro = Hash::get($aro, $this->userPath);
|
||||
}
|
||||
|
||||
if (isset($aclConfig[$aro]['deny'])) {
|
||||
$userDenies = $this->arrayTrim(explode(",", $aclConfig[$aro]['deny']));
|
||||
|
||||
if (array_search($aco, $userDenies)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($aclConfig[$aro]['allow'])) {
|
||||
$userAllows = $this->arrayTrim(explode(",", $aclConfig[$aro]['allow']));
|
||||
|
||||
if (array_search($aco, $userAllows)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($aclConfig[$aro]['groups'])) {
|
||||
$userGroups = $this->arrayTrim(explode(",", $aclConfig[$aro]['groups']));
|
||||
|
||||
foreach ($userGroups as $group) {
|
||||
if (array_key_exists($group, $aclConfig)) {
|
||||
if (isset($aclConfig[$group]['deny'])) {
|
||||
$groupDenies = $this->arrayTrim(explode(",", $aclConfig[$group]['deny']));
|
||||
|
||||
if (array_search($aco, $groupDenies)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($aclConfig[$group]['allow'])) {
|
||||
$groupAllows = $this->arrayTrim(explode(",", $aclConfig[$group]['allow']));
|
||||
|
||||
if (array_search($aco, $groupAllows)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Parses an INI file and returns an array that reflects the
|
||||
* INI file's section structure. Double-quote friendly.
|
||||
*
|
||||
* @param string $filename File
|
||||
* @return array INI section structure
|
||||
*/
|
||||
public function readConfigFile($filename) {
|
||||
App::uses('IniReader', 'Configure');
|
||||
$iniFile = new IniReader(dirname($filename) . DS);
|
||||
return $iniFile->read(basename($filename));
|
||||
}
|
||||
|
||||
/**
|
||||
* Removes trailing spaces on all array elements (to prepare for searching)
|
||||
*
|
||||
* @param array $array Array to trim
|
||||
* @return array Trimmed array
|
||||
*/
|
||||
public function arrayTrim($array) {
|
||||
foreach ($array as $key => $value) {
|
||||
$array[$key] = trim($value);
|
||||
}
|
||||
array_unshift($array, "");
|
||||
return $array;
|
||||
}
|
||||
|
||||
}
|
Loading…
Add table
Add a link
Reference in a new issue