/**
* Start up And load Acl Component / Aco model
*
* @return void
**/
public function __construct()
{
$collection = new ComponentCollection();
$this->Acl = new AclComponent($collection);
$controller = null;
$this->Acl->startup($controller);
$this->Aco = $this->Acl->Aco;
}
function clearAcl($groupAlias, $data)
{
App::import('Component', 'Acl');
$acl = new AclComponent();
foreach ($data as $val) {
$acl->deny($groupAlias, $val);
}
return;
}
/**
* Start up And load Acl Component / Aco model
*
* @return void
**/
public function startup()
{
parent::startup();
$controller = new Controller();
$collection = new ComponentCollection();
$this->Acl = new AclComponent($collection);
$this->Acl->startup($controller);
$this->Aco = $this->Acl->Aco;
}
/**
* Start up And load Acl Component / Aco model
*
* @return void
**/
public function startup($controller = null)
{
if (!$controller) {
$controller = new Controller(new CakeRequest());
}
$collection = new ComponentCollection();
$this->Acl = new AclComponent($collection);
$this->Acl->startup($controller);
$this->Aco = $this->Acl->Aco;
$this->controller = $controller;
}
/**
* Start up And load Acl Component / Aco model
*
* @return void
**/
public function beforeFilter()
{
// parent::__construct();
$collection = new ComponentCollection();
$this->Acl = new AclComponent($collection);
//$controller = null;
$this->Acl->startup($this);
$this->Aco = $this->Acl->Aco;
$lastPlugins = CakeSession::read('Privileges.lastPlugin');
$this->pluginExclusions = !empty($lastPlugins) ? array_merge($lastPlugins, $this->pluginExclusions) : $this->pluginExclusions;
}
function checkHelper($aro, $aco, $action = "*")
{
if (isset($this->cached[$aro . '/aco:' . $aco . '/action:' . $action])) {
return $this->cached[$aro . '/aco:' . $aco . '/action:' . $action] == 'true' ? true : false;
}
$cache = Cache::read(Inflector::slug('acl/' . $aro . '/aco:' . $aco . '/action:' . $action), 'one day');
if (empty($cache)) {
$acl = new AclComponent();
App::import('Component', 'Acl');
$cache = $acl->check($aro, $aco, $action) ? 'true' : 'false';
Cache::write(Inflector::slug('acl/' . $aro . '/aco:' . $aco . '/action:' . $action), $cache, 'one day');
$this->cached[$aro . '/aco:' . $aco . '/action:' . $action] = $cache;
}
return $cache == 'true' ? true : false;
}
/**
* Set an ARO to inherit permission to an ACO.
*
* @return void
*/
public function inherit()
{
extract($this->_getParams());
if ($this->Acl->inherit($aro, $aco, $action)) {
$this->out(__d('cake_console', 'Permission inherited.'), true);
} else {
$this->out(__d('cake_console', 'Permission was not inherited.'), true);
}
}
/**
* Set an ARO to inhermit permission to an ACO.
*
* @access public
*/
function inherit()
{
$this->_checkArgs(3, 'inherit');
extract($this->__getParams());
if ($this->Acl->inherit($aro, $aco, $action)) {
$this->out(__("Permission inherited.", true), true);
} else {
$this->out(__("Permission was not inherited.", true), true);
}
}
protected function _aclCheck($url)
{
$plugin = '';
if (isset($url['plugin'])) {
$plugin = Inflector::camelize($url['plugin']) . '/';
}
$controller = '';
if (isset($url['controller'])) {
$controller = Inflector::camelize($url['controller']) . '/';
}
$action = 'index';
if (isset($url['action'])) {
$action = $url['action'];
}
$collection = new ComponentCollection();
$acl = new AclComponent($collection);
$aro = array($this->userModel => array($this->primaryKey => AuthComponent::user($this->primaryKey)));
$aco = $plugin . $controller . $action;
return $acl->check($aro, $aco);
}
public function check($aco)
{
App::import('Component', 'Acl');
$acl = new AclComponent(new ComponentCollection());
switch ($_SESSION['Auth']['user_type']) {
case 'Employee':
$current_user_id = $_SESSION['Auth']['User']['vc_emp_id_makess'];
//$Session->read('Auth.Employees.vc_emp_id_makess');
//Cache::delete("{$current_user_id}_{$aco}","default");
$acl_permission = Cache::read("{$current_user_id}_{$aco}", "default");
if ($acl_permission !== false) {
//CakeLog::write('activity', 'TESTING JAI SHREE RAM'.$acl_permission);
return (bool) $acl_permission;
}
$aros = $acl->Aro->find('all', array('conditions' => array('model' => 'Employee', 'foreign_key' => $current_user_id)));
break;
case 'Customer':
$aros = $acl->Aro->find('all', array('conditions' => array('model' => 'Customer', 'foreign_key' => $current_user_id)));
break;
}
//$query_end_time = microtime(true);
//$time = $query_end_time - $start_time;
//CakeLog::write('activity', 'QUERY '.$time);
foreach ($aros as $aro) {
if ($acl->check($aro['Aro'], $aco)) {
//$end_time = microtime(true);
//$time = $end_time - $start_time;
//CakeLog::write('activity', '-- END '.$time.' COUNT '.count($aros));
Cache::write("{$current_user_id}_{$aco}", "1", "default");
return true;
}
}
//$end_time = microtime(true);
//$time = $end_time - $start_time;
//CakeLog::write('activity', '-- END '.$time.' COUNT '.count($aros));
Cache::write("{$current_user_id}_{$aco}", "0", "default");
return false;
}
/**
* Sync the ARO table
*
* @return void
**/
public function permissions_reset($params = array())
{
// @codingStandardsIgnoreEnd
$this->Aro->query('TRUNCATE aros_acos;');
$configFile = APP . 'Config' . DS . 'Permissions' . DS . 'permissions.ini';
$ini_array = parse_ini_file($configFile, true);
foreach ($ini_array as $group => $permissions) {
$denyList = isset($permissions['deny']) ? $permissions['deny'] : array();
$allowList = isset($permissions['allow']) ? $permissions['allow'] : array();
$groupId = $this->_getGroupId($group);
$this->Group = ClassRegistry::init('Group');
$group = $this->Group;
$group->id = $groupId;
foreach ($denyList as $action) {
$this->Acl->deny($group, $action);
}
foreach ($allowList as $action) {
$this->Acl->allow($group, $action);
}
unset($this->Group);
}
$this->out(__('<success>Permissions Reset Complete</success>'));
return true;
}
/**
* Pass-thru function for ACL grant instance. An alias for AclComponent::deny()
*
* @param string $aro ARO The requesting object identifier.
* @param string $aco ACO The controlled object identifier.
* @param string $action Action (defaults to *)
* @return boolean Success
* @access public
*/
function revoke($aro, $aco, $action = "*")
{
$this->flushCache();
return parent::revoke($aro, $aco, $action);
}
/**
* Check DB
*
* Verifica a permissão diretamente no banco de dados
*
* @param array $aro ARO
* @param array $aco ACO
* @param string $action Action
* @return boolean
* @access public
*/
function checkDB($aro, $aco, $action = "*")
{
return parent::check($aro, $aco, $action);
}
function checkHelper($aro, $aco, $action = "*")
{
App::import('Component', 'Acl');
$acl = new AclComponent();
return $acl->check($aro, $aco, $action);
}
/**
* Revoke method.
*
* This method overrides and uses the original
* method. It only adds cache to it.
*
* @param string $aro ARO
* @param string $aco ACO
* @param string $action Action (defaults to *)
* @access public
*/
function revoke($aro, $aco, $action = "*")
{
parent::revoke($aro, $aco, $action);
$this->__deleteCache($aro, $aco, $action);
}
/**
* Validates a user against an abstract object.
*
* @param mixed $object The object to validate the user against.
* @param mixed $user Optional. The identity of the user to be validated.
* Uses the current user session if none specified. For
* valid forms of identifying users, see
* AuthComponent::identify().
* @param string $action Optional. The action to validate against.
* @see AuthComponent::identify()
* @return boolean True if the user validates, false otherwise.
*/
public function validate($object, $user = null, $action = null)
{
if (empty($user)) {
$user = $this->user();
}
if (empty($user)) {
return false;
}
return $this->Acl->check($user, $object, $action);
}
