check permission against group not users using Auth->authorize=“actions”

喜夏-厌秋 提交于 2020-02-06 03:51:26

问题


Can any one explain me the working of Auth->authorize = "actions"
In my project i am planning tp give this.
As this taught me the authorize will call the $this->Aro->check($user,"controllers/:controller/:action")

This will check the against the user right??
that means the user should be there in aros table.
But i don't need this to check against user but i need to check against a group
How can i achive this.

now when the users is not in Aro table it showing the

So that The Aro's will be only the groups and adding of users to the Aros is needed

thankz in advance


回答1:


Got the solution
using this reference
i extended the AuthComponent to CustomAuth and overridden the isAutorized() method in the AuthComponent as follows

in controllers/components/custom_auth.php

    <?php
App::import('Component','Auth');
class CustomAuthComponent extends AuthComponent {

    public function isAuthorized($type = null, $object = null, $user = null) {

        $actions  = $this->__authType($type);
        if( $actions['type'] != 'actions' ){
            return parent::isAuthorized($type, $object, $user);
        }
        if (empty($user) && !$this->user()) {
            return false;
        } elseif (empty($user)) {
            $user = $this->user();
        }


        $group = array('model' => 'Group','foreign_key' =>$user['Login']['group_id']);
        $valid = $this->Acl->check($group, $this->action());
        return $valid;
    }
}
?>

in app_controller.php

function beforeFilter()
{
$this->CustomAuth->userModel = 'Login';
$this->CustomAuth->allowedActions = array('display');
$this->CustomAuth->actionPath = 'controllers/';
$this->CustomAuth->authorize = 'actions';
}

This solved my issue :)




回答2:


Take a look at this chapter. To check a group permission do this ('model' and 'foreign_key' values are from aros table):

$this->Acl->check(
     array('model' => 'Group', 'foreign_key' => 2),
    'controller/action'
);


来源:https://stackoverflow.com/questions/3413747/check-permission-against-group-not-users-using-auth-authorize-actions

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!