/** * Deny access for an ARO to an ACO. * * @access public */ function deny() { $this->_checkArgs(3, 'deny'); //add existence checks for nodes involved $aro = ife(is_numeric($this->args[0]), intval($this->args[0]), $this->args[0]); $aco = ife(is_numeric($this->args[1]), intval($this->args[1]), $this->args[1]); $this->Acl->deny($aro, $aco, $this->args[2]); $this->out(__("Requested permission successfully denied.", true), true); }
/** * Deny access for an ARO to an ACO. * * @access public */ function deny() { $this->_checkArgs(3, 'deny'); extract($this->__getParams()); if ($this->Acl->deny($aro, $aco, $action)) { $this->out(__("Permission denied.", true), true); } else { $this->out(__("Permission was not denied.", true), true); } }
function ircube_rebuild() { $this->out(__('Cleaning acos table ...')); //$this->Aco->query('TRUNCATE acos'); $this->aco_sync(); $this->out(__('Rebuilding UserGroups table ...')); App::import('Model', 'UserGroup'); $UserGroup = new UserGroup(); $this->out(sprintf(__('Cleaning UserGroup (%s) table', true), $UserGroup->table)); $UserGroup->query('TRUNCATE ' . $UserGroup->table); Configure::write('debug', 2); /* Membres inherits Guests, Modérateurs inherits Membres, Administrateurs inherits Modérateur */ $groups = array(array('UserGroup' => array('id' => 1, 'title' => 'Guest', 'parent_id' => 0)), array('UserGroup' => array('id' => 2, 'title' => 'Membre', 'parent_id' => 1)), array('UserGroup' => array('id' => 3, 'title' => 'Modérateur', 'parent_id' => 2)), array('UserGroup' => array('id' => 4, 'title' => 'Administrateur', 'parent_id' => 3))); foreach ($groups as $g) { $UserGroup->create($g); $UserGroup->save($g, false); $this->out(sprintf(__('Saved user group %s (id %d)', true), $g['UserGroup']['title'], $g['UserGroup']['id'])); } $this->out(''); $this->out('Cleaning aros table ...'); $this->Aro->query("TRUNCATE aros"); $this->out('Creating aros ...'); foreach ($groups as $g) { $this->Aro->create(); $this->Aro->save(array('model' => 'UserGroup', 'foreign_key' => $g['UserGroup']['id'], 'parent_id' => $g['UserGroup']['parent_id'], 'alias' => $g['UserGroup']['title'])); $this->out('Aro ' . $g['UserGroup']['title'] . ' created, inherits Aro ' . implode(', ', Set::extract('/UserGroup[id=' . $g['UserGroup']['parent_id'] . ']/title', $groups))); } $this->out(''); $this->out('Cleaning permissions table ...'); $this->Aro->query("TRUNCATE aros_acos"); $this->out('Building permissions ...'); /* Allow everything for everyone */ $this->Acl->allow('Administrateur', 'controllers'); $this->Acl->allow('Membre', 'controllers'); $this->Acl->allow('Modérateur', 'controllers'); $this->Acl->allow('Guest', 'controllers'); /* user_pictures */ $this->Acl->deny('Guest', 'UserPictures'); $this->Acl->allow('Membre', 'UserPictures'); $this->Acl->allow('Guest', 'UserPictures/gallery'); $this->Acl->allow('Guest', 'UserPictures/avatar'); /* Admin panel */ $this->Acl->deny('Guest', 'news/admin_index'); $this->Acl->allow('Membre', 'news/admin_index'); $this->Acl->deny('Guest', 'news/admin_edit'); $this->Acl->allow('Membre', 'news/admin_edit'); $this->Acl->deny('Guest', 'news/admin_delete'); $this->Acl->allow('Membre', 'news/admin_delete'); $this->Acl->deny('Guest', 'news/admin_publish'); $this->Acl->allow('Membre', 'news/admin_publish'); $this->Acl->deny('Guest', 'news/admin_unpublish'); $this->Acl->allow('Membre', 'news/admin_unpublish'); }
/** * Pass-thru function for ACL deny instance. Deny methods * are used to remove permission from an ARO to access an ACO. * * @param string $aro ARO The requesting object identifier. * @param string $aco ACO The controlled object identifier. * @param string $action Action (defaults to *) * @return boolean Success * @access public */ function deny($aro, $aco, $action = "*") { return $this->_Instance->deny($aro, $aco, $action); }
/** * Pass-thru function for ACL grant instance. An alias for AclComponent::deny() * * @param string $aro ARO The requesting object identifier. * @param string $aco ACO The controlled object identifier. * @param string $action Action (defaults to *) * @return boolean Success * @deprecated */ public function revoke($aro, $aco, $action = "*") { trigger_error(__('AclComponent::revoke() is deprecated, use deny() instead'), E_USER_WARNING); return $this->_Instance->deny($aro, $aco, $action); }