public function testPermitObject()
 {
     // Clear the static registry first so the counts asserted below are absolute, not relative.
     Permit::$routes = array();
     Permit::$executed = null;
     $this->assertEqual(count(Permit::$routes), 0);

     // Shared fixtures: the same rule set and failure redirect are registered more than once.
     $adminOnly = array('auth' => array('group' => 'admin'));
     $loginUrl = array('controller' => 'users', 'action' => 'login');
     $writeActions = array('add', 'edit', 'delete');

     // Each registration is expected to append exactly one entry.
     Permit::access(
         array('controller' => array('permit_tests', 'tags'), 'action' => $writeActions),
         $adminOnly,
         array('redirect' => $loginUrl)
     );
     $this->assertEqual(count(Permit::$routes), 1);

     Permit::access(
         array('controller' => 'permit_tests', 'action' => $writeActions),
         $adminOnly,
         array('redirect' => $loginUrl)
     );
     $this->assertEqual(count(Permit::$routes), 2);

     Permit::access(
         array('controller' => 'users'),
         array('auth' => true),
         array('element' => 'auth_error', 'redirect' => $loginUrl)
     );
     $this->assertEqual(count(Permit::$routes), 3);

     // First stored entry: the values passed in plus the defaults for
     // message, element, params and key.
     $expected = array(
         'route' => array('controller' => array('permit_tests', 'tags'), 'action' => $writeActions),
         'rules' => $adminOnly,
         'redirect' => $loginUrl,
         'message' => __('Access denied', true),
         'element' => 'default',
         'params' => array(),
         'key' => 'flash',
     );
     $this->assertEqual(current(Permit::$routes), $expected);
     reset(Permit::$routes);

     // Last stored entry: the caller-supplied 'element' replaces the default.
     $expected = array(
         'route' => array('controller' => 'users'),
         'rules' => array('auth' => true),
         'redirect' => $loginUrl,
         'message' => __('Access denied', true),
         'element' => 'auth_error',
         'params' => array(),
         'key' => 'flash',
     );
     $this->assertEqual(end(Permit::$routes), $expected);
     // end() moved the array pointer; put it back for whoever reads the registry next.
     reset(Permit::$routes);
 }
<?php

// Access rules for the application. Each Permit::access() call takes three arrays:
// the route to match, the rules the session must satisfy, and what to do on failure.
// NOTE(review): only the routes named here are covered; whether an unmatched route is
// allowed or denied depends on the enforcing component, which is not shown here.

// Load the component from the Sanction plugin only if the class is not defined yet.
if (!class_exists('Permit')) {
    App::import('Component', 'Sanction.PermitComponent');
}

// "settings" plugin: rule set is auth.group == 'admin'; on failure go to the
// non-plugin users/login page and show the flash/error element.
Permit::access(
    array('plugin' => 'settings'),
    array('auth' => array('group' => 'admin')),
    array(
        'redirect' => array('plugin' => null, 'controller' => 'users', 'action' => 'login'),
        'element' => 'flash/error',
    )
);

// Login, registration and password-recovery actions carry 'auth' => false
// (presumably "logged-out visitors only" — confirm against the component).
Permit::access(
    array(
        'controller' => 'users',
        'action' => array('login', 'register', 'forgot_password', 'reset_password'),
    ),
    array('auth' => false),
    array('redirect' => array('controller' => 'users', 'action' => 'index'))
);

// Account-management actions of the users controller carry 'auth' => true.
Permit::access(
    array(
        'controller' => 'users',
        'action' => array('change_password', 'dashboard', 'profile', 'logout'),
    ),
    array('auth' => true),
    array('redirect' => array('controller' => 'users', 'action' => 'login'))
);

// Every action of the account controller carries 'auth' => true.
Permit::access(
    array('controller' => 'account'),
    array('auth' => true),
    array('redirect' => array('controller' => 'users', 'action' => 'login'))
);

// Routes with the 'admin' flag set need is_admin == true in the session's auth data;
// the failure redirect explicitly leaves the admin area ('admin' => false).
Permit::access(
    array('admin' => true),
    array('auth' => array('is_admin' => true)),
    array('redirect' => array('controller' => 'users', 'action' => 'index', 'admin' => false))
);
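 /**
  * Connects a route to a given ruleset
  *
  * Delegates the registration to Permit::access() and records whatever that call
  * returns in this object's own $routes list.
  *
  * @param array $route array describing a route
  * @param array $rules array of rules regarding the route
  * @param array $redirect Array containing the url to redirect to on route fail
  * @return array Array of connected routes
  */
 public function access($route, $rules = array(), $redirect = array())
 {
     // NOTE(review): Permit::access() is defined outside this block. If it returns the
     // whole route list rather than the single new entry, this append nests one list
     // inside another — confirm which shape consumers of $this->routes expect.
     $this->routes[] = Permit::access($route, $rules, $redirect);

     // The docblock has always promised the connected routes, but nothing was returned.
     return $this->routes;
 }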
<?php

// Access rules for the application. Each Permit::access() call takes three arrays:
// the route to match, the rules the session must satisfy, and what to do on failure.
// NOTE(review): only the routes named here are covered; whether an unmatched route is
// allowed or denied depends on the enforcing component, which is not shown here.
App::import('Component', 'PermitComponent');

// Whole github controller: rule set is auth.group == 'admin'.
Permit::access(
    array('controller' => 'github'),
    array('auth' => array('group' => 'admin')),
    array('redirect' => array('controller' => 'packages', 'action' => 'index'))
);

// Write actions on maintainers and packages: auth.group == 'admin'.
// The failure redirect names only an action, so the controller is left to URL resolution.
Permit::access(
    array(
        'controller' => array('maintainers', 'packages'),
        'action' => array('add', 'edit', 'delete'),
    ),
    array('auth' => array('group' => 'admin')),
    array('redirect' => array('action' => 'index'))
);

// Everything routed to the "settings" plugin: auth.group == 'admin'.
Permit::access(
    array('plugin' => 'settings'),
    array('auth' => array('group' => 'admin')),
    array('redirect' => array('controller' => 'packages', 'action' => 'index'))
);

// Account actions of the users controller carry 'auth' => true.
Permit::access(
    array(
        'controller' => 'users',
        'action' => array('change_password', 'dashboard', 'logout'),
    ),
    array('auth' => true),
    array('redirect' => array('controller' => 'users', 'action' => 'login'))
);

// Login and password-recovery actions carry 'auth' => false
// (presumably "logged-out visitors only" — confirm against the component).
Permit::access(
    array(
        'controller' => 'users',
        'action' => array('forgot_password', 'login', 'reset_password'),
    ),
    array('auth' => false),
    array('redirect' => array('controller' => 'users', 'action' => 'dashboard'))
);
 /**
  * Gathers the Permit state for display before the view is rendered.
  *
  * Returns the rule list held by the Permit singleton and the `executed` value
  * held by the PermitComponent singleton.
  *
  * NOTE(review): the result contains the complete access-rule set. This looks like
  * a debugging aid — confirm it is never rendered for ordinary visitors.
  *
  * @param object $controller The current controller (not used here).
  * @return array With keys 'clearances' and 'executed'.
  */
 function beforeRender(&$controller)
 {
     $component =& PermitComponent::getInstance();
     $registry =& Permit::getInstance();

     $state = array();
     $state['clearances'] = $registry->clearances;
     $state['executed'] = $component->executed;

     return $state;
 }
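 /**
  * Creates an HTML link after checking the target against the Permit clearances.
  *
  * A non-array $url (a string URL or null) is handed to HtmlHelper::link() without
  * any check. An array $url first has its missing plugin/controller/action keys
  * filled in from the current request, and is then compared with each registered
  * clearance (the routes declared in app/config/permit.php) through $this->parse().
  * The first clearance that matches decides the output via $this->execute(). When
  * no clearance matches, or none are registered, the link is rendered unchanged.
  *
  * This method only decides what is displayed; it does not stop a request to the
  * target URL. NOTE(review): enforcement is presumably done by PermitComponent on
  * the controller side — confirm that every rule relied on here is enforced there too.
  *
  * ### Options
  *
  * - `escape` Set to false to disable escaping of title and attributes.
  *
  * @param string $title The content to be wrapped by <a> tags.
  * @param mixed $url Cake-relative URL or array of URL parameters, or external URL
  * @param array $options Array of HTML attributes.
  * @param string $confirmMessage JavaScript confirmation message.
  * @return string An `<a />` element, or whatever $this->execute() returns for a matched clearance.
  * @access public
  * @author Jose Diaz-Gonzalez
  */
 function link($title, $url = null, $options = array(), $confirmMessage = false)
 {
     // String and null URLs cannot be matched against route arrays; pass them through.
     if (!is_array($url)) {
         return $this->Html->link($title, $url, $options, $confirmMessage);
     }

     // The original test was `!isset(...) && !empty(...)`, which can never be true, so a
     // link without a 'plugin' key was never compared against plugin-scoped clearances.
     // array_key_exists() keeps an explicit 'plugin' => null (a link out of the plugin) intact.
     if (!array_key_exists('plugin', $url) && isset($this->params['plugin'])) {
         $url['plugin'] = $this->params['plugin'];
     }
     // `!isset($x) && empty($x)` reduces to `!isset($x)`.
     if (!isset($url['controller'])) {
         $url['controller'] = $this->params['controller'];
     }
     if (!isset($url['action'])) {
         $url['action'] = $this->params['action'];
     }

     // Load the clearances once per helper instance.
     if (empty($this->routes)) {
         $permit =& Permit::getInstance();
         // $permit->clearances should contain an array of all clearances now
         $this->routes = $permit->clearances;
     }
     // No clearances registered at all: nothing to check against.
     if (empty($this->routes)) {
         return $this->Html->link($title, $url, $options, $confirmMessage);
     }

     // First matching clearance wins, so the order of the declarations matters.
     foreach ($this->routes as $route) {
         if ($this->parse($url, $route)) {
             return $this->execute($route, $title, $url, $options, $confirmMessage);
         }
     }

     // No clearance covers this URL: render the link unchanged.
     return $this->Html->link($title, $url, $options, $confirmMessage);
 }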
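 /**
  * Checks that Permit::access() appends one entry per call to the component's
  * route list and stores the supplied values together with the defaults.
  *
  * The first count assertion assumes the PermitComponent singleton holds no routes
  * left over from another test.
  */
 function testPermitObject()
 {
     // Not read below; kept because getInstance() may be what creates the singleton.
     $permit = Permit::getInstance();
     $Permit = PermitComponent::getInstance();
     $this->assertEqual(count($Permit->routes), 0);
     Permit::access(array('controller' => 'posts', 'action' => array('add', 'edit', 'delete')), array('auth' => true), array('redirect' => array('controller' => 'users', 'action' => 'login')));
     $this->assertEqual(count($Permit->routes), 1);
     Permit::access(array('controller' => 'users'), array('auth' => true), array('element' => 'auth_error', 'redirect' => array('controller' => 'users', 'action' => 'login')));
     $this->assertEqual(count($Permit->routes), 2);
     // The expected rules previously read array('auth' => array('group' => 'admin')),
     // which is not what was registered above. A loose (==) comparison treats `true`
     // and a non-empty array as equal, so the mismatch would have gone unnoticed;
     // NOTE(review): assertEqual appears to compare loosely — confirm, and prefer a
     // strict assertion for access rules where the framework offers one.
     $expected = array('route' => array('controller' => 'posts', 'action' => array('add', 'edit', 'delete')), 'rules' => array('auth' => true), 'redirect' => array('controller' => 'users', 'action' => 'login'), 'message' => __('Access denied', true), 'element' => 'default', 'params' => array(), 'key' => 'flash');
     $this->assertEqual(current($Permit->routes), $expected);
     reset($Permit->routes);
     $expected = array('route' => array('controller' => 'users'), 'rules' => array('auth' => true), 'redirect' => array('controller' => 'users', 'action' => 'login'), 'message' => __('Access denied', true), 'element' => 'auth_error', 'params' => array(), 'key' => 'flash');
     $this->assertEqual(end($Permit->routes), $expected);
     // end() moved the array pointer; restore it.
     reset($Permit->routes);
 }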
<?php

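// Access rules for the application. Each Permit::access() call takes three arrays:
// the route to match, the rules the session must satisfy, and what to do on failure.
// NOTE(review): only the routes named here are covered; whether an unmatched route is
// allowed or denied depends on the enforcing component, which is not shown here.
App::uses('Permit', 'Sanction.Controller/Component');

// Defaults shared by the rules below.
$element = 'flash/warning';
$message = __('Access denied.');
$adminMessage = __('Sorry, but you need to be an administrator to access this location.');
$redirect = $adminRedirect = $logoutRedirect = array('admin' => false, 'controller' => 'packages', 'action' => 'home');

// When the site requires authentication, failed checks go to the login page instead.
if (Configure::read('Feature.auth_required')) {
    $message = __('Sorry, but you need to be logged in to access this location.');
    $redirect = array('controller' => 'users', 'action' => 'login');
}

// Everything under the admin prefix needs is_admin == 1.
Permit::access(
    array('prefix' => 'admin'),
    array('auth' => array('is_admin' => 1)),
    array('element' => $element, 'message' => $adminMessage, 'redirect' => $adminRedirect)
);

// users/admin needs is_admin == 1. The route key was spelled 'controllers' here while
// every other rule uses 'controller'; with the misspelled key the rule would most likely
// not be tied to the users controller, leaving only the weaker 'auth' => true rule
// further down to cover this action.
Permit::access(
    array('controller' => 'users', 'action' => 'admin'),
    array('auth' => array('is_admin' => 1)),
    array('element' => $element, 'message' => $adminMessage, 'redirect' => $adminRedirect)
);

// Restrict direct access to the plugins listed here, in case people try to cut around
// application logic. Only these four are covered; a newly installed plugin is not
// restricted until it is added to the list.
Permit::access(
    array('plugin' => array('favorites', 'ratings', 'categories', 'settings')),
    array('auth' => array('is_admin' => 1)),
    array('element' => $element, 'message' => $adminMessage, 'redirect' => $adminRedirect)
);

// Whole github controller needs is_admin == 1.
Permit::access(
    array('controller' => 'github'),
    array('auth' => array('is_admin' => 1)),
    array('element' => $element, 'message' => $adminMessage, 'redirect' => $adminRedirect)
);

// Logged-in-only actions. 'admin' appears here as well as in the is_admin rule above;
// NOTE(review): confirm which of the two rules is applied when both match.
Permit::access(
    array('controller' => 'users', 'action' => array('change_password', 'admin', 'logout')),
    array('auth' => true),
    compact('element', 'message', 'redirect')
);
Permit::access(
    array('controller' => 'packages', 'action' => array('rate', 'bookmark')),
    array('auth' => true),
    compact('element', 'message', 'redirect')
);

// Logged-out-only actions: the login and password-recovery pages.
Permit::access(
    array('controller' => 'users', 'action' => array('forgot_password', 'login', 'reset_password')),
    array('auth' => false),
    array(
        'element' => $element,
        'message' => __('Sorry, but you need to be logged out to access this location.'),
        'redirect' => $logoutRedirect,
    )
);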
 /**
  * Registers an access rule for a route and returns the component's route list.
  *
  * The new entry is appended both to the PermitComponent singleton's $routes and to
  * the Permit singleton's $clearances. Failure handling comes from $redirect merged
  * over these defaults: the Permit singleton's `redirect`, the translated
  * 'Access denied' message, trace off, element 'default', no params, flash key 'flash'.
  * Keys in $redirect other than those six are not copied into the stored entry.
  *
  * A call with empty $rules stores nothing and only returns the current list, so a
  * rule declared with an empty rule set places no restriction on its route.
  *
  * @param array $route array describing a route
  * @param array $rules array of rules regarding the route
  * @param array $redirect failure settings: redirect, message, trace, element, params, key
  * @return array the PermitComponent singleton's route list
  */
 function access($route, $rules = array(), $redirect = array())
 {
     $component =& PermitComponent::getInstance();
     $registry =& Permit::getInstance();

     // Nothing to register: report the current list unchanged.
     if (empty($rules)) {
         return $component->routes;
     }

     $defaults = array(
         'redirect' => $registry->redirect,
         'message' => __('Access denied', true),
         'trace' => false,
         'element' => 'default',
         'params' => array(),
         'key' => 'flash',
     );
     $settings = array_merge($defaults, $redirect);

     // Copy only the known settings, in the order in which the entry stores them.
     $entry = array('route' => $route, 'rules' => $rules);
     foreach (array('redirect', 'message', 'element', 'params', 'key', 'trace') as $field) {
         $entry[$field] = $settings[$field];
     }

     $component->routes[] = $entry;
     $registry->clearances[] = $entry;

     return $component->routes;
 }