2014-07-10 61 views
0

我有兩個組ID管理路線:拒絕對具體的,而不是登錄用戶

組1 =>管理員

集團2 =>用戶

我正在尋找一種方式來否認訪問不屬於管理員的用戶(因此組2未登錄)。函數isAuthorized不起作用,我的意思是它總是返回true,我只是不知道爲什麼。感謝您的幫助

<?php 

App::uses('Controller', 'Controller'); 

class AppController extends Controller { 
    public $components = array(
     'Acl', 
     'Auth' => array(
      'authorize' => array(
       'Actions' => array('actionPath' => 'controllers') 
      ) 
     ), 
     'Session' 
    ); 

    public $helpers = array('Html', 'Form', 'Session'); 

    public function beforeFilter() { 
     parent::beforeFilter(); 
     //Configure AuthComponent 
     $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); 
     $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login'); 
     $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'home'); 

     if(isset($this->request->params["prefix"]) && $this->request->params["prefix"] == "admin"){ 
      $this->layout = "admin"; 
     } else { 
      $this->layout = "default"; 
     } 

    } 

    public function isAuthorized() { 
     parent::isAuthorized(); 
     if(isset($this->request->params["prefix"]) && $this->request->params["prefix"] == "admin" && $this->Auth->user('group_id') === 1){ 
      return true; 
     } 
     else { 
      return false; 
     } 
    } 

} 

PagesController

<?php 
class PagesController extends AppController { 

/** 
* This controller does not use a model 
* 
* @var array 
*/ 
    public $uses = array(); 

/** 
* Displays a view 
* 
* @param mixed What page to display 
* @return void 
* @throws NotFoundException When the view file could not be found 
* or MissingViewException in debug mode. 
*/ 

    public function beforeFilter() { 
     parent::beforeFilter(); 
     $this->Auth->allow(); 
    } 

    public function display() { 
     $path = func_get_args(); 

     $count = count($path); 
     if (!$count) { 
      return $this->redirect('/'); 
     } 
     $page = $subpage = $title_for_layout = null; 

     if (!empty($path[0])) { 
      $page = $path[0]; 
     } 
     if (!empty($path[1])) { 
      $subpage = $path[1]; 
     } 
     if (!empty($path[$count - 1])) { 
      $title_for_layout = Inflector::humanize($path[$count - 1]); 
     } 
     $this->set(compact('page', 'subpage', 'title_for_layout')); 

     try { 
      $this->render(implode('/', $path)); 
     } catch (MissingViewException $e) { 
      if (Configure::read('debug')) { 
       throw $e; 
      } 
      throw new NotFoundException(); 
     } 
    } 

    public function admin_index() { 
     $title_for_layout = 'Dashboard'; 
     $this->set(compact('title_for_layout')); 
    } 

} 

路線

*/ 
    Router::connect('/', array('controller' => 'pages', 'action' => 'display', 'home')); 
/** 
* ...and connect the rest of 'Pages' controller's urls. 
*/ 
    Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display')); 
    Router::connect('/admin', array('controller' => 'pages', 'action' => 'index', 'admin' => true)); 
+0

你在使用定義'admin'行動?你在'routes.php'文件中設置了什麼? – Holt

+0

我添加了路線。如果用戶想要訪問http://www.mywebsite.com/admin,他們可以訪問,未登錄的用戶和組ID 2 ...我只是想允許管理員(組ID 1)的訪問權限, – user3790914

回答

2

要自動從動作像admin_添加前綴,你需要添加下面的行放在core.php文件:

Configure::write('Routing.prefixes', array('admin')); 

然後,可以通過/admin/pages/index而不是/pages/admin_index訪問動作PagesController::admin_index,並且admin參數設置爲true,因此您可以使用$this->params['admin'](請參閱我的代碼段)對其進行檢查。

其實,CakePHP的所有路由默認拒絕,但你允許在beforeFilter做$this->Auth->allow()PagesController所有路由,你需要添加一個例外admin

要做到這一點,在你AppController

<?php 

class AppController { 

    public $components = array(
     'Auth' => array(
      'loginAction' => array('controller' => 'users', 'action' => 'login'); 
      'loginRedirect' => array('controller' => 'pages', 'action' => 'home'); 
      'logoutRedirect' => array('controller' => 'users', 'action' => 'login'); 
      'authorize' => array('Controller'), 
     ) 
    ) ; 

    public beforeFilter() { 
     parent::beforeFilter() ; 
     // Allow everything to not logged user except admin pages 
     if (isset($this->params["admin"]) 
      && $this->params["admin"]) { 
      $this->Auth->deny() ; 
     } 
     else { 
      $this->Auth->allow() ; 
     } 
    } 

    public isAuthorized() { 
     if (isset($this->params["admin"]) 
      && $this->params["admin"]) { 
      return $this->Auth->user('group_id') === 1 ; 
     } 
     return parent::isAuthorized() ; 
    } 

} ; 
+0

感謝您的幫助,但它不會更改任何內容,未記錄並且組標識2可以訪問控制器頁面(admin_index)。我編輯了我的帖子,謝謝 – user3790914

+0

@ user3790914我已經更新了我的答案。您需要在'core.php'中設置前綴以允許使用名稱爲'admin_index'的方法。 – Holt

+0

它被seted,/ admin工作,只是每個人都可以訪問admin_index視圖的內容。 – user3790914