codekanzlei/cake-auth-actions 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

codekanzlei/cake-auth-actions

Composer 安装命令:

composer require codekanzlei/cake-auth-actions

包简介

Simple ACL alternative for CakePHP 4

README 文档

README

License Build Status

A simple, configuration based ACL alternative for CakePHP 4. Allows you to define specific access rights to controller actions for different kinds of users.

Installation

1. Install the plugin via composer

composer require codekanzlei/auth-actions

2. Load the plugin in your src/Application.php

$this->addPlugin('AuthActions');

Usage & Configuration

1. Configure AppController.php

In your src/Controller/AppController.php, insert the following pieces of code in the matching sections:

Traits:

use \AuthActions\Lib\AuthActionsTrait;
...
use AuthActionsTrait;

$components:

public $components = [
    'Auth' => [
        'authenticate' => [
            'Form' => [
                'repository' => 'Users',
                'scope' => [
                    'status' => Status::ACTIVE,
                ]
            ]
        ],
        'authorize' => ['Controller'],
        'loginAction' => [], // prefered login view
        'loginRedirect' => [], // redirect after successful login
        'logoutRedirect' => [], // redirect after logout
        'authError' => 'PERMISSION_DENIED',
        
        // namespace declaration of AuthUtilsComponent
        'AuthActions.AuthUtils'
    ]
];

beforeFilter():

public function beforeFilter(\Cake\Event\Event $event)
{
    $this->initAuthActions();
}

2. Configure AppView.php

initialize():

public function initialize()
{
    $this->loadHelper('Auth', [
        'className' => 'AuthActions.Auth'
    ]);
}

3. Create additional files

In your project's config folder, create the required config files.

Note: For reference, see these files:

  • auth_actions.php-default

    here you can grant or restrict access to Controller functions to certain user roles.

  • user_rights.php-default

    here you can define further custom access rights, allowing easy control over which buttons will be rendered in view files, depending on the role of the user that's viewing them.

See [4. Grant/Restrict group rights](#### 4. Grant/Restrict group rights) for further information and example code snippets.

auth_actions.php

touch config/auth_actions.php

user_rights.php

touch config/user_rights.php

3. Define custom user roles

Add a new column namend role to your database users table.

In your User.php, you can define custom user roles as constants.

A commonly used, basic set of user roles ADMIN and USER can be defined as follows:

const ROLE_ADMIN = 'admin';
const ROLE_USER = 'user';

4. Grant/Restrict group rights

Following the example of a simple USER and ADMIN setup above, consider the following commonly needed use-cases.

  • restricting access for non-admin users: Consider a basic "Users" MVC setup. Assuming you wish to only grant ADMINS access to every controller-action, including edit() as well as any functions added later on, while restricting USERS from all functions except for index() and view().

    In auth_actions.php:

      $config = [
          'auth_actions' => [
              // Controller name: 'Users'
              'Users' => [
                  // wildcard * includes every action in this controller
                  '*' => [
                      User::ROLE_ADMIN
                  ],
                  
                  // here we explicitly list actions that
                  // USERS shall be able to access 
                  'index' => [
                      User::ROLE_USER
                  ],
                  'view' => [
                      User::ROLE_USER
                  ]
              ]
          ]
      ];
    
  • preventing buttons from being rendered in a view: The above code will prevent USERS from calling any action in UsersController except for index() and view() but - for example - edit buttons next to User entities in your index-view will still be rendered. Here's how you can prevent them from being rendered if the view file is being viewes by a non-ADMIN user:

    In user_rights.php:

      $config = [
          'user_rights' => [
              // granting a custom right only for Users of type ADMIN
              'viewEditButton' => [
                  User::ROLE_ADMIN
              ]
          ]
      ];
    

    In your index view:

      <?php if ($this->Auth->hasRight('viewEditButton')): ?>
          <?= $this->Html->link(__('Edit'), ['action' => 'edit', $user->id]) ?>
      <?php endif; ?>
    

codekanzlei/cake-auth-actions 适用场景与选型建议

codekanzlei/cake-auth-actions 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 78.88k 次下载、GitHub Stars 达 2, 最近一次更新时间为 2014 年 08 月 29 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 codekanzlei/cake-auth-actions 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 codekanzlei/cake-auth-actions 我们能提供哪些服务?
定制开发 / 二次开发

基于 codekanzlei/cake-auth-actions 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 78.88k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 2
  • 点击次数: 31
  • 依赖项目数: 2
  • 推荐数: 0

GitHub 信息

  • Stars: 2
  • Watchers: 1
  • Forks: 2
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2014-08-29