Beispiel #1
0
 /**
  * Deny access for an ARO to an ACO.
  *
  * @access public
  */
 function deny()
 {
     $this->_checkArgs(3, 'deny');
     //add existence checks for nodes involved
     $aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]);
     $aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]);
     $this->Acl->deny($aro, $aco, $this->args[2]);
     $this->out(__("Requested permission successfully denied.", true), true);
 }
Beispiel #2
0
 /**
  * Deny access for an ARO to an ACO.
  *
  * @access public
  */
 function deny()
 {
     $this->_checkArgs(3, 'deny');
     extract($this->__getParams());
     if ($this->Acl->deny($aro, $aco, $action)) {
         $this->out(__("Permission denied.", true), true);
     } else {
         $this->out(__("Permission was not denied.", true), true);
     }
 }
Beispiel #3
0
 function ircube_rebuild()
 {
     $this->out(__('Cleaning acos table ...'));
     //$this->Aco->query('TRUNCATE acos');
     $this->aco_sync();
     $this->out(__('Rebuilding UserGroups table ...'));
     App::import('Model', 'UserGroup');
     $UserGroup = new UserGroup();
     $this->out(sprintf(__('Cleaning UserGroup (%s) table', true), $UserGroup->table));
     $UserGroup->query('TRUNCATE ' . $UserGroup->table);
     Configure::write('debug', 2);
     /* Membres inherits Guests, Modérateurs inherits Membres, Administrateurs inherits Modérateur */
     $groups = array(array('UserGroup' => array('id' => 1, 'title' => 'Guest', 'parent_id' => 0)), array('UserGroup' => array('id' => 2, 'title' => 'Membre', 'parent_id' => 1)), array('UserGroup' => array('id' => 3, 'title' => 'Modérateur', 'parent_id' => 2)), array('UserGroup' => array('id' => 4, 'title' => 'Administrateur', 'parent_id' => 3)));
     foreach ($groups as $g) {
         $UserGroup->create($g);
         $UserGroup->save($g, false);
         $this->out(sprintf(__('Saved user group %s (id %d)', true), $g['UserGroup']['title'], $g['UserGroup']['id']));
     }
     $this->out('');
     $this->out('Cleaning aros table ...');
     $this->Aro->query("TRUNCATE aros");
     $this->out('Creating aros ...');
     foreach ($groups as $g) {
         $this->Aro->create();
         $this->Aro->save(array('model' => 'UserGroup', 'foreign_key' => $g['UserGroup']['id'], 'parent_id' => $g['UserGroup']['parent_id'], 'alias' => $g['UserGroup']['title']));
         $this->out('Aro ' . $g['UserGroup']['title'] . ' created, inherits Aro ' . implode(', ', Set::extract('/UserGroup[id=' . $g['UserGroup']['parent_id'] . ']/title', $groups)));
     }
     $this->out('');
     $this->out('Cleaning permissions table ...');
     $this->Aro->query("TRUNCATE aros_acos");
     $this->out('Building permissions ...');
     /* Allow everything for everyone */
     $this->Acl->allow('Administrateur', 'controllers');
     $this->Acl->allow('Membre', 'controllers');
     $this->Acl->allow('Modérateur', 'controllers');
     $this->Acl->allow('Guest', 'controllers');
     /* user_pictures */
     $this->Acl->deny('Guest', 'UserPictures');
     $this->Acl->allow('Membre', 'UserPictures');
     $this->Acl->allow('Guest', 'UserPictures/gallery');
     $this->Acl->allow('Guest', 'UserPictures/avatar');
     /* Admin panel */
     $this->Acl->deny('Guest', 'news/admin_index');
     $this->Acl->allow('Membre', 'news/admin_index');
     $this->Acl->deny('Guest', 'news/admin_edit');
     $this->Acl->allow('Membre', 'news/admin_edit');
     $this->Acl->deny('Guest', 'news/admin_delete');
     $this->Acl->allow('Membre', 'news/admin_delete');
     $this->Acl->deny('Guest', 'news/admin_publish');
     $this->Acl->allow('Membre', 'news/admin_publish');
     $this->Acl->deny('Guest', 'news/admin_unpublish');
     $this->Acl->allow('Membre', 'news/admin_unpublish');
 }
Beispiel #4
0
 /**
  * Pass-thru function for ACL deny instance. Deny methods
  * are used to remove permission from an ARO to access an ACO.
  *
  * @param string $aro ARO The requesting object identifier.
  * @param string $aco ACO The controlled object identifier.
  * @param string $action Action (defaults to *)
  * @return boolean Success
  * @access public
  */
 function deny($aro, $aco, $action = "*")
 {
     return $this->_Instance->deny($aro, $aco, $action);
 }
Beispiel #5
0
 /**
  * Pass-thru function for ACL grant instance. An alias for AclComponent::deny()
  *
  * @param string $aro ARO The requesting object identifier.
  * @param string $aco ACO The controlled object identifier.
  * @param string $action Action (defaults to *)
  * @return boolean Success
  * @deprecated
  */
 public function revoke($aro, $aco, $action = "*")
 {
     trigger_error(__('AclComponent::revoke() is deprecated, use deny() instead'), E_USER_WARNING);
     return $this->_Instance->deny($aro, $aco, $action);
 }