Cakephp 3 Permissions - Authentication


Good afternoon,

Has anyone already needed to manage user restrictions via the database, in an editable way, and can help?

At first I followed the initial tutorial, creating the users and roles tables, but the client asked to be able to edit the access permissions of each role, for example:

Roles | Permissions
ADMIN -> all
EDITOR -> controller => POST, action ADD
EDITOR -> controller => POST, action EDIT
CLIENT -> Deny

So I created the tables Permissions and roles_permissions and tried to allow or deny access in isAuthorized, but without success. If you know a plugin for this or have a better idea, thanks in advance.

    public function isAuthorized($user)
    {
        $this->rolePermissionsTable = TableRegistry::get('RolePermissions');

        $rolePermissions = $this->rolePermissionsTable->find()->where(['role_id' => $user['role_id']])->all();
        //var_dump($rolePermissions); die;

        $this->rolePermissionsTable = TableRegistry::get('RolePermissions');

        $this->permissionsTable = TableRegistry::get("permissions");
        // Admin can access all actions
        foreach ($rolePermissions as $authorized) {
            $permissions = $this->permissionsTable->find()->where(['id', $authorized['permission_id']])->all();

            if ($user['role_id'] == $authorized['role_id']) {
                $this->addPermission($permissions);
                $this->Auth->allow('*');
                return true;
            }
            if ($user['role_id'] != $authorized['role_id']) {
                return false;
            }
        }
        // Deny access by default
        return false;
    }

    public function addPermission($permissions)
    {
        foreach ($permissions as $permission) {
            $this->Auth->allow(['controller' => $permission['controller'], 'action' => $permission['action']]);
        }
    }

    public function removePermission($Permissions)
    {
        foreach ($Permissions as $permission) {
            $this->Auth->deny(['controller' => $permission['controller'], 'action' => $permission['action']]);
        }
    }

1 answer


I created a plugin that controls application access in CakePHP 3, implementing ACL with a web manager. Initially it comes with 4 groups: super (the boss); admin (can do everything, but only in the administrative tables, which are groups, users and Permissions); manager, who can do everything, but only in the business tables (customers in the example app); and user, who can do nothing except log in.

You grant and remove permissions via the web, in forms; you can grant or remove permission for controller actions.

It also comes with a layout using Bootstrap.

See an online demo here: http://ribafs.org/demo

The demo only allows select. Install locally for a better experience.

Download https://github.com/ribafs/cake-control-br

If you have any questions, let me know.

  • It turned out great. I followed this same concept with a slightly different mapping and built the menus dynamically from the permissions of the role the user belongs to.
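A database-driven, default-deny `isAuthorized()` for the role/permission tables described in the question, as an added example that is not the asker's code or the plugin's. It assumes CakePHP 3.4+ (for `getParam()`), a `permissions` table with `id`, `controller`, `action` columns, a `role_permissions` table with `role_id`, `permission_id` columns, and a hypothetical convention that a `*` value in `controller` or `action` means "all" (for the ADMIN row).

```php
<?php
namespace App\Controller;

use Cake\Controller\Controller;
use Cake\ORM\TableRegistry;

class AppController extends Controller
{
    public function initialize()
    {
        parent::initialize();
        // 'Controller' authorization makes AuthComponent call isAuthorized()
        // for every request from a logged-in user.
        $this->loadComponent('Auth', ['authorize' => 'Controller']);
    }

    public function isAuthorized($user)
    {
        // No role on the session user: deny.
        if (empty($user['role_id'])) {
            return false;
        }

        // Values as routed, e.g. 'Posts' and 'add'; the stored rows must use
        // the same spelling. Plugin and prefix routing are not considered here.
        $controller = $this->request->getParam('controller');
        $action = $this->request->getParam('action');

        // Count permission rows linked to the user's role that match this
        // controller/action, or the assumed '*' wildcard.
        $granted = TableRegistry::get('Permissions')->find()
            ->innerJoin(
                ['rp' => 'role_permissions'],
                ['rp.permission_id = Permissions.id']
            )
            ->where([
                'rp.role_id' => $user['role_id'],
                'Permissions.controller IN' => [$controller, '*'],
                'Permissions.action IN' => [$action, '*'],
            ])
            ->count();

        // Only an explicit grant authorizes the request. Auth->allow() is not
        // used: it marks actions as public, with no login required at all.
        return $granted > 0;
    }
}
```

With this in place, editing a role's access is a matter of inserting or deleting `role_permissions` rows; a role with no matching row (CLIENT in the question) is denied by the final comparison.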
