codekanzlei/cake-auth-actions
Composer 安装命令:
composer require codekanzlei/cake-auth-actions
包简介
Simple ACL alternative for CakePHP 4
README 文档
README
A simple, configuration based ACL alternative for CakePHP 4. Allows you to define specific access rights to controller actions for different kinds of users.
Installation
1. Install the plugin via composer
composer require codekanzlei/auth-actions
2. Load the plugin in your src/Application.php
$this->addPlugin('AuthActions');
Usage & Configuration
1. Configure AppController.php
In your src/Controller/AppController.php, insert the following pieces of code in the matching sections:
Traits:
use \AuthActions\Lib\AuthActionsTrait;
...
use AuthActionsTrait;
$components:
public $components = [
'Auth' => [
'authenticate' => [
'Form' => [
'repository' => 'Users',
'scope' => [
'status' => Status::ACTIVE,
]
]
],
'authorize' => ['Controller'],
'loginAction' => [], // prefered login view
'loginRedirect' => [], // redirect after successful login
'logoutRedirect' => [], // redirect after logout
'authError' => 'PERMISSION_DENIED',
// namespace declaration of AuthUtilsComponent
'AuthActions.AuthUtils'
]
];
beforeFilter():
public function beforeFilter(\Cake\Event\Event $event)
{
$this->initAuthActions();
}
2. Configure AppView.php
initialize():
public function initialize()
{
$this->loadHelper('Auth', [
'className' => 'AuthActions.Auth'
]);
}
3. Create additional files
In your project's config folder, create the required config files.
Note: For reference, see these files:
-
auth_actions.php-defaulthere you can grant or restrict access to Controller functions to certain user roles.
-
user_rights.php-defaulthere you can define further custom access rights, allowing easy control over which buttons will be rendered in view files, depending on the role of the user that's viewing them.
See [4. Grant/Restrict group rights](#### 4. Grant/Restrict group rights) for further information and example code snippets.
auth_actions.php
touch config/auth_actions.php
user_rights.php
touch config/user_rights.php
3. Define custom user roles
Add a new column namend role to your database users table.
In your User.php, you can define custom user roles as constants.
A commonly used, basic set of user roles ADMIN and USER can be defined as follows:
const ROLE_ADMIN = 'admin';
const ROLE_USER = 'user';
4. Grant/Restrict group rights
Following the example of a simple USER and ADMIN setup above, consider the following commonly needed use-cases.
-
restricting access for non-admin users: Consider a basic "Users" MVC setup. Assuming you wish to only grant ADMINS access to every controller-action, including edit() as well as any functions added later on, while restricting USERS from all functions except for index() and view().
In
auth_actions.php:$config = [ 'auth_actions' => [ // Controller name: 'Users' 'Users' => [ // wildcard * includes every action in this controller '*' => [ User::ROLE_ADMIN ], // here we explicitly list actions that // USERS shall be able to access 'index' => [ User::ROLE_USER ], 'view' => [ User::ROLE_USER ] ] ] ]; -
preventing buttons from being rendered in a view: The above code will prevent USERS from calling any action in UsersController except for index() and view() but - for example - edit buttons next to User entities in your index-view will still be rendered. Here's how you can prevent them from being rendered if the view file is being viewes by a non-ADMIN user:
In
user_rights.php:$config = [ 'user_rights' => [ // granting a custom right only for Users of type ADMIN 'viewEditButton' => [ User::ROLE_ADMIN ] ] ];In your index view:
<?php if ($this->Auth->hasRight('viewEditButton')): ?> <?= $this->Html->link(__('Edit'), ['action' => 'edit', $user->id]) ?> <?php endif; ?>
codekanzlei/cake-auth-actions 适用场景与选型建议
codekanzlei/cake-auth-actions 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 78.88k 次下载、GitHub Stars 达 2, 最近一次更新时间为 2014 年 08 月 29 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 codekanzlei/cake-auth-actions 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 codekanzlei/cake-auth-actions 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 78.88k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 31
- 依赖项目数: 2
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2014-08-29