Skip to content
Permalink
Browse files

Update code examples to be consistent with other docs.

  • Loading branch information...
markstory committed Jul 3, 2014
1 parent cee56ea commit 3a06e1f6388eb377c4a81519331b8b08b2f3a64b
Showing with 42 additions and 30 deletions.
  1. +42 −30 app/Config/acl.php
@@ -34,57 +34,69 @@
* will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
* done via a call to Acl->check() with
*
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
* {{{
* array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
* }}}
*
* as ARO and
*
* '/controllers/invoices/delete'
* {{{
* '/controllers/invoices/delete'
* }}}
*
* as ACO.
*
* If the configured map looks like
*
* $config['map'] = array(
* 'User' => 'User/username',
* 'Role' => 'User/group_id',
* );
* {{{
* $config['map'] = array(
* 'User' => 'User/username',
* 'Role' => 'User/group_id',
* );
* }}}
*
* then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
* find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
* check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
* E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
*
* $config['alias'] = array(
* 'Role/4' => 'Role/editor',
* );
* {{{
* $config['alias'] = array(
* 'Role/4' => 'Role/editor',
* );
* }}}
*
* In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
*
* $config['roles'] = array(
* 'Role/admin' => null,
* 'Role/accountant' => null,
* 'Role/editor' => null,
* 'Role/manager' => 'Role/editor, Role/accountant',
* 'User/jeff' => 'Role/manager',
* );
* {{{
* $config['roles'] = array(
* 'Role/admin' => null,
* 'Role/accountant' => null,
* 'Role/editor' => null,
* 'Role/manager' => 'Role/editor, Role/accountant',
* 'User/jeff' => 'Role/manager',
* );
* }}}
*
* In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
* Lets define some rules:
*
* $config['rules'] = array(
* 'allow' => array(
* '*' => 'Role/admin',
* 'controllers/users/(dashboard|profile)' => 'Role/default',
* 'controllers/invoices/*' => 'Role/accountant',
* 'controllers/articles/*' => 'Role/editor',
* 'controllers/users/*' => 'Role/manager',
* 'controllers/invoices/delete' => 'Role/manager',
* ),
* 'deny' => array(
* 'controllers/invoices/delete' => 'Role/accountant, User/jeff',
* 'controllers/articles/(delete|publish)' => 'Role/editor',
* ),
* );
* {{{
* $config['rules'] = array(
* 'allow' => array(
* '*' => 'Role/admin',
* 'controllers/users/(dashboard|profile)' => 'Role/default',
* 'controllers/invoices/*' => 'Role/accountant',
* 'controllers/articles/*' => 'Role/editor',
* 'controllers/users/*' => 'Role/manager',
* 'controllers/invoices/delete' => 'Role/manager',
* ),
* 'deny' => array(
* 'controllers/invoices/delete' => 'Role/accountant, User/jeff',
* 'controllers/articles/(delete|publish)' => 'Role/editor',
* ),
* );
* }}}
*
* Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
* Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than

0 comments on commit 3a06e1f

Please sign in to comment.
You can’t perform that action at this time.