CakePhp3-AclManager
, (*1)
Install
Composer require alescx/cakephp3-aclmanager
or on composer.json, (*2)
"alescx/cakephp3-aclmanager": "dev-master"
Requirements
CakePhp ACL, (*3)
How to
Build your Acos
First you need to build your acos, to do, you need to add this lines where you want. There are two way:, (*4)
-
By an event:, (*5)
use Alescx\AclManager\Event\PermissionsEditor;
$this->eventManager()->on(new PermissionsEditor());
$acosBuilder = new Event('Permissions.buildAcos', $this);
$this->eventManager()->dispatch($acosBuilder);
-
By the component, (*6)
$this->loadComponent('JcPires/AclManager.AclManager');
$this->AclManager->acosBuilder();
NB: !!! Don't forget to delete those lines after building !!!, (*7)
Add permissions when creating a new group
!!! Be caution, to works, you need first a first level ARO with base node full granted like a Super Admin like this on the aros_acos table: create:1 read: 1 update: 1 delete: 1!!!, (*8)
On your Admin/GroupsController.php, (*9)
use Alescx\AclManager\Event\PermissionsEditor;
Add basics permissions, on your action add, (*10)
if ($this->Groups->save($group)) {
if (isset($this->request->data['parent_id'])) {
$parent = $this->request->data['parent_id'];
} else {
$parent = null;
}
$this->eventManager()->on(new PermissionsEditor());
$perms = new Event('Permissions.addAro', $this, [
'Aro' => $group,
'Parent' => $parent,
'Model' => 'Groups'
]);
$this->eventManager()->dispatch($perms);
}
Edit permissions
-
On your action edit(), (*11)
we need to get all acos "not really necessary is just an automatic array builder":, (*12)
$this->loadComponent('Alescx/AclManager.AclManager');
$EditablePerms = $this->AclManager->getFormActions();
If you to exclude some actions for the form like ajax actions, you have to add a static property, (*13)
On the specified controller like PostController or BlogController, ...:, (*14)
public static $AclActionsExclude = [
'action1',
'action2',
'...'
];
You will have an array with all acos's alias indexed by the controller aco path like:, (*15)
'Blog' => [
'add',
'edit',
'delete
],
'Post' => [
'add',
'edit',
'delete'
],
'Admin/Post' => [
'add',
'edit',
'delete'
]
-
Build your form, (*16)
First if you want to use the AclManager Helper, (*17)
public $helpers = [
'AclManager' => [
'className' => 'Alescx/AclManager.AclManager'
]
];
// on your action in your controllerPath
$EditablePerms = $this->AclManager->getFormActions();
an exemple with an Acl helper for checking if permissions are allowed or denied:, (*18)
<?php foreach ($EditablePerms as $Acos) :?>
<?php foreach ($Acos as $controllerPath => $actions) :?>
<?php if (!empty($actions)) :?>
<h4><?= $controllerPath ;?></h4>
<?php foreach ($actions as $action) :?>
<?php ($this->AclManager->checkGroup($group, $controllerPath.'/'.$action)) ? $val = 1 : $val = 0 ?>
<?= $this->Form->label($controllerPath.'/'.$action, $action);?>
<?= $this->Form->select($controllerPath.'/'.$action, [0 => 'No', 1 => 'Yes'], ['value' => $val]) ;?>
<?php endforeach ;?>
<?php endif;?>
<?php endforeach ;?>
<?php endforeach ;?>
render:, (*19)
<select name="App/Blog/add">
<option value="0">No</option>
<option value="1" selected>Yes</option>
</select>
If you don't use the Array Builder you need to specified your input name like aco path: App/Blog/add or App/Admin/Blog/add ... :base/:folder/:subfolder/:controller/:action "Folder and subfolder can be empty", (*20)
-
Update new permissions, (*21)
if ($this->request->is('post')) {
$this->eventManager()->on(new PermissionsEditor());
$perms = new Event('Permissions.editPerms', $this, [
'Aro' => $group,
'datas' => $this->request->data
]);
$this->eventManager()->dispatch($perms);
}
data need to be like this 'aco path' => value "0 deny / 1 allow", (*22)
'App/Blog/add' => 0
'App/Blog/edit' => 1
...