CakePHP3にてACLでアクセス管理
をテンプレートにして作成
[
トップ
] [
新規
|
一覧
|
検索
|
最終更新
|
ヘルプ
]
開始行:
[[CakePHP3めも]]
#contents
以下のプラグインを導入すればアクセス管理の幅が広がります。
-[[CakePhp3-AclManager:https://github.com/JcPires/CakePhp...
-[[acl:https://github.com/cakephp/acl]]
参考~
http://qiita.com/eiroh/items/f37a70a35103de6c6a1b
*テーブルの作成 [#d0c29a9e]
users, groupsテーブルを作成します。
参考~
http://book.cakephp.org/2.0/ja/tutorials-and-examples/sim...
bakeしてプログラム類を自動生成します。
$ bin/cake bake all users
$ bin/cake bake all groups
*プラグインのインストール [#g641d913]
composer.jsonに2行追加します。
"require": {
"php": ">=5.5.9",
"cakephp/cakephp": "3.3.*",
"mobiledetect/mobiledetectlib": "2.*",
"cakephp/migrations": "~1.0",
"cakephp/plugin-installer": "*",
"cakephp/acl": "dev-master",
"jcpires/cakephp3-aclmanager": "dev-master"
},
# /usr/local/bin/composer.phar update
*記述の追加 [#h760fadf]
**bootstrap.php [#t1ec03b4]
config/bootstrap.php に追加します。
Plugin::load('Acl', ['bootstrap' => true]);
**AppController.php [#n74de87f]
<?php
namespace App\Controller;
use Cake\Controller\Controller;
use Cake\Event\Event;
use Cake\Controller\ComponentRegistry;
use Acl\Controller\Component\AclComponent;
class AppController extends Controller
{
public function beforeFilter(Event $event)
{
$this->Auth->allow();
}
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
$this->loadComponent('Acl.Acl');
$this->loadComponent('Auth', [
'authorize' => 'Controller',
'unauthorizedRedirect' => false,
'authError' => 'アクセス権限がありません',
]);
}
public function beforeRender(Event $event)
{
if (!array_key_exists('_serialize', $this->viewV...
in_array($this->response->type(), ['applicat...
) {
$this->set('_serialize', true);
}
}
public function isAuthorized($user)
{
$Collection = new ComponentRegistry();
$acl = new AclComponent($Collection);
$controller = $this->request->controller;
$action = $this->request->action;
return $acl->check(['Users' => ['id' => $user['i...
}
}
**GroupsController.php [#e57f02bd]
変更していないfunctionは省いています。
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Event\Event;
use JcPires\AclManager\Event\PermissionsEditor;
class GroupsController extends AppController
{
public $helpers = [
'AclManager' => [
'className' => 'JcPires/AclManager.AclManager'
]
];
public function add()
{
$group = $this->Groups->newEntity();
if ($this->request->is('post')) {
$group = $this->Groups->patchEntity($group, ...
if ($this->Groups->save($group)) {
$this->Flash->success(__('The group has ...
return $this->redirect(['action' => 'ind...
} else {
$this->Flash->error(__('The group could ...
}
}
$this->set(compact('group'));
$this->set('_serialize', ['group']);
}
public function edit($id = null)
{
$group = $this->Groups->get($id, [
'contain' => []
]);
$this->loadComponent('JcPires/AclManager.AclMana...
$EditablePerms = $this->AclManager->getFormActio...
if ($this->request->is(['patch', 'post', 'put'])...
$group = $this->Groups->patchEntity($group, ...
if ($this->Groups->save($group)) {
$this->eventManager()->on(new Permission...
$perms = new Event('Permissions.editPerm...
'Aro' => $group,
'datas' => $this->request->data
]);
$this->eventManager()->dispatch($perms);
$this->Flash->success(__('The group has ...
return $this->redirect(['action' => 'ind...
} else {
$this->Flash->error(__('The group could ...
}
}
$this->set(compact('group', 'EditablePerms'));
$this->set('_serialize', ['group', 'EditablePerm...
}
}
**UsersController.php [#v1c27b25]
変更していないfunctionは省いています。
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Event\Event;
class UsersController extends AppController
{
public function beforeFilter(Event $event)
{
parent::beforeFilter($event);
$this->Auth->allow(['login']);
}
public function login()
{
if ($this->request->is('post')) {
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redi...
}
$this->Flash->error(__('Invalid username or ...
}
}
public function logout()
{
return $this->redirect($this->Auth->logout());
}
**Group.php [#y50f5d87]
public function parentNode()
{
return null;
}
**User.php [#f5d3bc5c]
use Cake\ORM\TableRegistry;
use Cake\Auth\DefaultPasswordHasher;
protected function _setPassword($password)
{
return (new DefaultPasswordHasher)->hash($passwo...
}
public function parentNode()
{
if (!$this->id) {
return null;
}
if (isset($this->group_id)) {
$group_id = $this->group_id;
} else {
$users_table = TableRegistry::get('Users');
$user = $users_table->find('all', ['fields' ...
$group_id = $user->group_id;
}
if (!$group_id) {
return null;
}
return ['Groups' => ['id' => $group_id]];
}
**Groups.php [#c3c3a5c3]
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
**Users.php [#z63e0b65]
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
**Groups/edit.ctp [#z53145a2]
<?= $this->Form->create($group) ?>
<fieldset>
<legend><?= __('Edit Group') ?></legend>
<?php
echo $this->Form->input('name');
?>
<?php foreach ($EditablePerms as $Acos) :?>
<?php foreach ($Acos as $controllerPath => $...
<?php if (!empty($actions)) :?>
<h4><?= $controllerPath ;?></h4>
<?php foreach ($actions as $action) ...
<?php ($this->AclManager->checkG...
<?= $this->Form->label($controll...
<?= $this->Form->select($control...
<?php endforeach ;?>
<?php endif;?>
<?php endforeach ;?>
<?php endforeach ;?>
</fieldset>
<?= $this->Form->button(__('Submit')) ?>
<?= $this->Form->end() ?>
**Users/login.ctp [#wb7cec0e]
<div class="users form">
<?= $this->Flash->render('auth') ?>
<?= $this->Form->create() ?>
<fieldset>
<legend><?= __('Please enter your username and p...
<?= $this->Form->input('username') ?>
<?= $this->Form->input('password') ?>
</fieldset>
<?= $this->Form->button(__('Login')); ?>
<?= $this->Form->end() ?>
</div>
*aclテーブルの作成 [#fefb1003]
$ bin/cake Migrations.migrations migrate -p Acl
*Acoデータの作成 [#webad04c]
$ bin/cake acl_extras aco_sync
$ bin/cake acl create aco controllers App
$ bin/cake acl create aco App isAuthorized
確認
$ bin/cake acl view aco
*グループとユーザーの登録 [#za4bbae3]
**グループを登録 [#i709aab0]
http://localhost/groups/add
**グループの権限設定 [#h905249d]
http://localhost/groups/edit/1
**ユーザーの登録 [#ye347093]
http://localhost/users/add
*動作確認 [#pbeb347a]
**ログアウト [#gfd47018]
http://localhost/users/logout
**AppController.phpの一部をコメント化 [#ge9155b4]
#$this->Auth->allow();
**リダイレクトされることを確認 [#ze2bfc94]
http://localhost/ へアクセスすると http://localhost/users...
他にも設定した権限通りに動作するか確認します。
*ControllerやActionを追加した際の更新方法 [#r3134587]
$ bin/cake acl_extras aco_update
終了行:
[[CakePHP3めも]]
#contents
以下のプラグインを導入すればアクセス管理の幅が広がります。
-[[CakePhp3-AclManager:https://github.com/JcPires/CakePhp...
-[[acl:https://github.com/cakephp/acl]]
参考~
http://qiita.com/eiroh/items/f37a70a35103de6c6a1b
*テーブルの作成 [#d0c29a9e]
users, groupsテーブルを作成します。
参考~
http://book.cakephp.org/2.0/ja/tutorials-and-examples/sim...
bakeしてプログラム類を自動生成します。
$ bin/cake bake all users
$ bin/cake bake all groups
*プラグインのインストール [#g641d913]
composer.jsonに2行追加します。
"require": {
"php": ">=5.5.9",
"cakephp/cakephp": "3.3.*",
"mobiledetect/mobiledetectlib": "2.*",
"cakephp/migrations": "~1.0",
"cakephp/plugin-installer": "*",
"cakephp/acl": "dev-master",
"jcpires/cakephp3-aclmanager": "dev-master"
},
# /usr/local/bin/composer.phar update
*記述の追加 [#h760fadf]
**bootstrap.php [#t1ec03b4]
config/bootstrap.php に追加します。
Plugin::load('Acl', ['bootstrap' => true]);
**AppController.php [#n74de87f]
<?php
namespace App\Controller;
use Cake\Controller\Controller;
use Cake\Event\Event;
use Cake\Controller\ComponentRegistry;
use Acl\Controller\Component\AclComponent;
class AppController extends Controller
{
public function beforeFilter(Event $event)
{
$this->Auth->allow();
}
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
$this->loadComponent('Acl.Acl');
$this->loadComponent('Auth', [
'authorize' => 'Controller',
'unauthorizedRedirect' => false,
'authError' => 'アクセス権限がありません',
]);
}
public function beforeRender(Event $event)
{
if (!array_key_exists('_serialize', $this->viewV...
in_array($this->response->type(), ['applicat...
) {
$this->set('_serialize', true);
}
}
public function isAuthorized($user)
{
$Collection = new ComponentRegistry();
$acl = new AclComponent($Collection);
$controller = $this->request->controller;
$action = $this->request->action;
return $acl->check(['Users' => ['id' => $user['i...
}
}
**GroupsController.php [#e57f02bd]
変更していないfunctionは省いています。
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Event\Event;
use JcPires\AclManager\Event\PermissionsEditor;
class GroupsController extends AppController
{
public $helpers = [
'AclManager' => [
'className' => 'JcPires/AclManager.AclManager'
]
];
public function add()
{
$group = $this->Groups->newEntity();
if ($this->request->is('post')) {
$group = $this->Groups->patchEntity($group, ...
if ($this->Groups->save($group)) {
$this->Flash->success(__('The group has ...
return $this->redirect(['action' => 'ind...
} else {
$this->Flash->error(__('The group could ...
}
}
$this->set(compact('group'));
$this->set('_serialize', ['group']);
}
public function edit($id = null)
{
$group = $this->Groups->get($id, [
'contain' => []
]);
$this->loadComponent('JcPires/AclManager.AclMana...
$EditablePerms = $this->AclManager->getFormActio...
if ($this->request->is(['patch', 'post', 'put'])...
$group = $this->Groups->patchEntity($group, ...
if ($this->Groups->save($group)) {
$this->eventManager()->on(new Permission...
$perms = new Event('Permissions.editPerm...
'Aro' => $group,
'datas' => $this->request->data
]);
$this->eventManager()->dispatch($perms);
$this->Flash->success(__('The group has ...
return $this->redirect(['action' => 'ind...
} else {
$this->Flash->error(__('The group could ...
}
}
$this->set(compact('group', 'EditablePerms'));
$this->set('_serialize', ['group', 'EditablePerm...
}
}
**UsersController.php [#v1c27b25]
変更していないfunctionは省いています。
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Event\Event;
class UsersController extends AppController
{
public function beforeFilter(Event $event)
{
parent::beforeFilter($event);
$this->Auth->allow(['login']);
}
public function login()
{
if ($this->request->is('post')) {
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redi...
}
$this->Flash->error(__('Invalid username or ...
}
}
public function logout()
{
return $this->redirect($this->Auth->logout());
}
**Group.php [#y50f5d87]
public function parentNode()
{
return null;
}
**User.php [#f5d3bc5c]
use Cake\ORM\TableRegistry;
use Cake\Auth\DefaultPasswordHasher;
protected function _setPassword($password)
{
return (new DefaultPasswordHasher)->hash($passwo...
}
public function parentNode()
{
if (!$this->id) {
return null;
}
if (isset($this->group_id)) {
$group_id = $this->group_id;
} else {
$users_table = TableRegistry::get('Users');
$user = $users_table->find('all', ['fields' ...
$group_id = $user->group_id;
}
if (!$group_id) {
return null;
}
return ['Groups' => ['id' => $group_id]];
}
**Groups.php [#c3c3a5c3]
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
**Users.php [#z63e0b65]
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
**Groups/edit.ctp [#z53145a2]
<?= $this->Form->create($group) ?>
<fieldset>
<legend><?= __('Edit Group') ?></legend>
<?php
echo $this->Form->input('name');
?>
<?php foreach ($EditablePerms as $Acos) :?>
<?php foreach ($Acos as $controllerPath => $...
<?php if (!empty($actions)) :?>
<h4><?= $controllerPath ;?></h4>
<?php foreach ($actions as $action) ...
<?php ($this->AclManager->checkG...
<?= $this->Form->label($controll...
<?= $this->Form->select($control...
<?php endforeach ;?>
<?php endif;?>
<?php endforeach ;?>
<?php endforeach ;?>
</fieldset>
<?= $this->Form->button(__('Submit')) ?>
<?= $this->Form->end() ?>
**Users/login.ctp [#wb7cec0e]
<div class="users form">
<?= $this->Flash->render('auth') ?>
<?= $this->Form->create() ?>
<fieldset>
<legend><?= __('Please enter your username and p...
<?= $this->Form->input('username') ?>
<?= $this->Form->input('password') ?>
</fieldset>
<?= $this->Form->button(__('Login')); ?>
<?= $this->Form->end() ?>
</div>
*aclテーブルの作成 [#fefb1003]
$ bin/cake Migrations.migrations migrate -p Acl
*Acoデータの作成 [#webad04c]
$ bin/cake acl_extras aco_sync
$ bin/cake acl create aco controllers App
$ bin/cake acl create aco App isAuthorized
確認
$ bin/cake acl view aco
*グループとユーザーの登録 [#za4bbae3]
**グループを登録 [#i709aab0]
http://localhost/groups/add
**グループの権限設定 [#h905249d]
http://localhost/groups/edit/1
**ユーザーの登録 [#ye347093]
http://localhost/users/add
*動作確認 [#pbeb347a]
**ログアウト [#gfd47018]
http://localhost/users/logout
**AppController.phpの一部をコメント化 [#ge9155b4]
#$this->Auth->allow();
**リダイレクトされることを確認 [#ze2bfc94]
http://localhost/ へアクセスすると http://localhost/users...
他にも設定した権限通りに動作するか確認します。
*ControllerやActionを追加した際の更新方法 [#r3134587]
$ bin/cake acl_extras aco_update
ページ名: