diff options
Diffstat (limited to 'poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Controller/Component/Acl/IniAcl.php')
-rw-r--r-- | poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Controller/Component/Acl/IniAcl.php | 172 |
1 files changed, 172 insertions, 0 deletions
diff --git a/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Controller/Component/Acl/IniAcl.php b/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Controller/Component/Acl/IniAcl.php new file mode 100644 index 0000000..8810668 --- /dev/null +++ b/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Controller/Component/Acl/IniAcl.php @@ -0,0 +1,172 @@ +<?php +/** + * CakePHP(tm) : Rapid Development Framework (http://cakephp.org) + * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org) + * + * Licensed under The MIT License + * Redistributions of files must retain the above copyright notice. + * + * @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org) + * @link http://cakephp.org CakePHP(tm) Project + * @package Cake.Controller.Component + * @since CakePHP(tm) v 0.10.0.1076 + * @license MIT License (http://www.opensource.org/licenses/mit-license.php) + */ +App::uses('AclInterface', 'Controller/Component/Acl'); + +/** + * IniAcl implements an access control system using an INI file. An example + * of the ini file used can be found in /config/acl.ini.php. + * + * @package Cake.Controller.Component + */ +class IniAcl extends Object implements AclInterface { + +/** + * Array with configuration, parsed from ini file + * + * @var array + */ + public $config = null; + +/** + * The Hash::extract() path to the user/aro identifier in the + * acl.ini file. This path will be used to extract the string + * representation of a user used in the ini file. + * + * @var string + */ + public $userPath = 'User.username'; + +/** + * Initialize method + * + * @param AclBase $component + * @return void + */ + public function initialize(Component $component) { + } + +/** + * No op method, allow cannot be done with IniAcl + * + * @param string $aro ARO The requesting object identifier. + * @param string $aco ACO The controlled object identifier. + * @param string $action Action (defaults to *) + * @return boolean Success + */ + public function allow($aro, $aco, $action = "*") { + } + +/** + * No op method, deny cannot be done with IniAcl + * + * @param string $aro ARO The requesting object identifier. + * @param string $aco ACO The controlled object identifier. + * @param string $action Action (defaults to *) + * @return boolean Success + */ + public function deny($aro, $aco, $action = "*") { + } + +/** + * No op method, inherit cannot be done with IniAcl + * + * @param string $aro ARO The requesting object identifier. + * @param string $aco ACO The controlled object identifier. + * @param string $action Action (defaults to *) + * @return boolean Success + */ + public function inherit($aro, $aco, $action = "*") { + } + +/** + * Main ACL check function. Checks to see if the ARO (access request object) has access to the + * ACO (access control object).Looks at the acl.ini.php file for permissions + * (see instructions in /config/acl.ini.php). + * + * @param string $aro ARO + * @param string $aco ACO + * @param string $action Action + * @return boolean Success + */ + public function check($aro, $aco, $action = null) { + if ($this->config == null) { + $this->config = $this->readConfigFile(APP . 'Config' . DS . 'acl.ini.php'); + } + $aclConfig = $this->config; + + if (is_array($aro)) { + $aro = Hash::get($aro, $this->userPath); + } + + if (isset($aclConfig[$aro]['deny'])) { + $userDenies = $this->arrayTrim(explode(",", $aclConfig[$aro]['deny'])); + + if (array_search($aco, $userDenies)) { + return false; + } + } + + if (isset($aclConfig[$aro]['allow'])) { + $userAllows = $this->arrayTrim(explode(",", $aclConfig[$aro]['allow'])); + + if (array_search($aco, $userAllows)) { + return true; + } + } + + if (isset($aclConfig[$aro]['groups'])) { + $userGroups = $this->arrayTrim(explode(",", $aclConfig[$aro]['groups'])); + + foreach ($userGroups as $group) { + if (array_key_exists($group, $aclConfig)) { + if (isset($aclConfig[$group]['deny'])) { + $groupDenies = $this->arrayTrim(explode(",", $aclConfig[$group]['deny'])); + + if (array_search($aco, $groupDenies)) { + return false; + } + } + + if (isset($aclConfig[$group]['allow'])) { + $groupAllows = $this->arrayTrim(explode(",", $aclConfig[$group]['allow'])); + + if (array_search($aco, $groupAllows)) { + return true; + } + } + } + } + } + return false; + } + +/** + * Parses an INI file and returns an array that reflects the + * INI file's section structure. Double-quote friendly. + * + * @param string $filename File + * @return array INI section structure + */ + public function readConfigFile($filename) { + App::uses('IniReader', 'Configure'); + $iniFile = new IniReader(dirname($filename) . DS); + return $iniFile->read(basename($filename)); + } + +/** + * Removes trailing spaces on all array elements (to prepare for searching) + * + * @param array $array Array to trim + * @return array Trimmed array + */ + public function arrayTrim($array) { + foreach ($array as $key => $value) { + $array[$key] = trim($value); + } + array_unshift($array, ""); + return $array; + } + +} |