Class CrudAuthorize

An authorization adapter for AuthComponent. Provides the ability to authorize using CRUD mappings. CRUD mappings allow you to translate controller actions into *C*reate *R*ead *U*pdate *D*elete actions. This is then checked in the AclComponent as specific permissions.

For example, taking /posts/index as the current request. The default mapping for index, is a read permission check. The Acl check would then be for the posts controller with the read permission. This allows you to create permission systems that focus more on what is being done to resources, rather than the specific actions being visited.

BaseAuthorize
Extended by CrudAuthorize
Package: Cake\Controller\Component\Auth
Copyright: Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
License: MIT License
Since: 2.0
See: AuthComponent::$authenticate
See: AclComponent::check()
Located at Cake/Controller/Component/Auth/CrudAuthorize.php

Method Detail

__constructsource public 

__construct( ComponentCollection $collection , string $settings array() )

Sets up additional actionMap values that match the configured Routing.prefixes.

Parameters

ComponentCollection $collection
The component collection from the controller.
string $settings optional array()
An array of settings. This class does not use any settings.

Overrides

BaseAuthorize::__construct()

_setPrefixMappingssource protected 

_setPrefixMappings( )

sets the crud mappings for prefix routes.

authorizesource public 

authorize( array $user , CakeRequest $request )

Authorize a user using the mapped actions and the AclComponent.

Parameters

array $user
The user to authorize
CakeRequest $request
The request needing authorization.

Returns

boolean
bool

Methods inherited from BaseAuthorize

actionsource public 

action( CakeRequest $request , string $path '/:plugin/:controller/:action' )

Get the action path for a given request. Primarily used by authorize objects that need to get information about the plugin, controller, and action being invoked.

Parameters

CakeRequest $request
The request a path is needed for.
string $path optional '/:plugin/:controller/:action'
Path format.

Returns

string
the action path for the given request.

controllersource public 

controller( Controller $controller null )

Accessor to the controller object.

Parameters

Controller $controller optional null
null to get, a controller to set.

Returns

mixed
mixed

Throws

CakeException
CakeException

mapActionssource public 

mapActions( array $map array() )

Maps crud actions to actual action names. Used to modify or get the current mapped actions.

Create additional mappings for a standard CRUD operation:

$this->Auth->mapActions(array('create' => array('add', 'register'));

Or equivalently:

$this->Auth->mapActions(array('register' => 'create', 'add' => 'create'));

Create mappings for custom CRUD operations:

$this->Auth->mapActions(array('range' => 'search'));

You can use the custom CRUD operations to create additional generic permissions that behave like CRUD operations. Doing this will require additional columns on the permissions lookup. For example if one wanted an additional search CRUD operation one would create and additional column '_search' in the aros_acos table. One could create a custom admin CRUD operation for administration functions similarly if needed.

Parameters

array $map optional array()
Either an array of mappings, or undefined to get current values.

Returns

mixed
Either the current mappings or null when setting.

See

AuthComponent::mapActions()

Properties inherited from BaseAuthorize

$_Collectionsource

protected ComponentCollection

Component collection instance for getting more components.

$_Controllersource

protected Controller

Controller for the request.

null

$settingssource

public array

Settings for authorize objects.

  • actionPath - The path to ACO nodes that contains the nodes for controllers. Used as a prefix when calling $this->action();
  • actionMap - Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
  • userModel - Model name that ARO records can be found under. Defaults to 'User'.
array(
    'actionPath' => null,
    'actionMap' => array(
        'index' => 'read',
        'add' => 'create',
        'edit' => 'update',
        'view' => 'read',
        'delete' => 'delete',
        'remove' => 'delete'
    ),
    'userModel' => 'User'
)

© 2005–2016 The Cake Software Foundation, Inc.
Licensed under the MIT License.
CakePHP is a registered trademark of Cake Software Foundation, Inc.
We are not endorsed by or affiliated with CakePHP.
http://api.cakephp.org/2.7/class-CrudAuthorize.html