A CakePhp3 Acl manager
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
src
.gitignore
.travis.yml
README.md
composer.json

README.md

CakePhp3-AclManager

Software License CakePHP 3 Build Status

Install

    Composer require jcpires/cakephp3-aclmanager

or on composer.json

    "jcpires/cakephp3-aclmanager": "dev-master"

Requirements

CakePhp ACL

How to

Build your Acos

First you need to build your acos, to do, you need to add this lines where you want. There are two way:

  • By an event:

        use JcPires\AclManager\Event\PermissionsEditor;
    
        $this->eventManager()->on(new PermissionsEditor());
        $acosBuilder = new Event('Permissions.buildAcos', $this);
        $this->eventManager()->dispatch($acosBuilder);
    
  • By the component

        $this->loadComponent('JcPires/AclManager.AclManager');
        $this->AclManager->acosBuilder();
    

NB: !!! Don't forget to delete those lines after building !!!

Add permissions when creating a new group

!!! Be caution, to works, you need first a first level ARO with base node full granted like a Super Admin like this on the aros_acos table: create:1 read: 1 update: 1 delete: 1!!!

On your Admin/GroupsController.php

    use JcPires\AclManager\Event\PermissionsEditor;

Add basics permissions, on your action add

    if ($this->Groups->save($group)) {

        if (isset($this->request->data['parent_id'])) {
            $parent = $this->request->data['parent_id'];
        } else {
            $parent = null;
        }

        $this->eventManager()->on(new PermissionsEditor());
        $perms = new Event('Permissions.addAro', $this, [
            'Aro' => $group,
            'Parent' => $parent,
            'Model' => 'Groups'
        ]);
        $this->eventManager()->dispatch($perms);
    }

Edit permissions

  1. On your action edit()
we need to get all acos "not really necessary is just an automatic array builder":

```
    $this->loadComponent('JcPires/AclManager.AclManager');
    $EditablePerms = $this->AclManager->getFormActions();
```

If you to exclude some actions for the form like ajax actions, you have to add a static property

On the specified controller like PostController or BlogController, ...:

```
    public static $AclActionsExclude = [
        'action1',
        'action2',
        '...'
    ];
```

You will have an array with all acos's alias indexed by the controller aco path like:

```
    'Blog' => [
        'add',
        'edit',
        'delete
    ],
    'Post' => [
        'add',
        'edit',
        'delete'
    ],
    'Admin/Post' => [
        'add',
        'edit',
        'delete'
    ]
```
  1. Build your form
First if you want to use the AclManager Helper

```
    public $helpers = [            
            'AclManager' => [
                        'className' => 'JcPires/AclManager.AclManager'
                    ]
        ];

    // on your action in your controllerPath
    $EditablePerms = $this->AclManager->getFormActions();
```

an exemple with an Acl helper for checking if permissions are allowed or denied:

```
<?php foreach ($EditablePerms as $Acos) :?>
    <?php foreach ($Acos as $controllerPath => $actions) :?>
        <?php if (!empty($actions)) :?>
            <h4><?= $controllerPath ;?></h4>
            <?php foreach ($actions as $action) :?>
                <?php ($this->AclManager->checkGroup($group, $controllerPath.'/'.$action)) ? $val = 1 : $val = 0 ?>
                <?= $this->Form->label($controllerPath.'/'.$action, $action);?>
                <?= $this->Form->select($controllerPath.'/'.$action, [0 => 'No', 1 => 'Yes'], ['value' => $val]) ;?>
            <?php endforeach ;?>
        <?php endif;?>
    <?php endforeach ;?>
<?php endforeach ;?>
```

render:

```
    <select name="App/Blog/add">
        <option value="0">No</option>
        <option value="1" selected>Yes</option>
    </select>
```

If you don't use the Array Builder you need to specified your input name like aco path: App/Blog/add or App/Admin/Blog/add ... :base/:folder/:subfolder/:controller/:action "Folder and subfolder can be empty"

  1. Update new permissions
```

    if ($this->request->is('post')) {

        $this->eventManager()->on(new PermissionsEditor());
        $perms = new Event('Permissions.editPerms', $this, [
            'Aro' => $group,
            'datas' => $this->request->data
        ]);
        $this->eventManager()->dispatch($perms);
    }

```

data need to be like this 'aco path' => value "0 deny / 1 allow"

```
    'App/Blog/add' => 0
    'App/Blog/edit' => 1
    ...
```