initial commit

.gitignore

@@ -0,0 +1,9 @@
+Lib/cakephp-lib
+Config/conflistConfigPrivate.php
+
+tmp/cache/models/myapp*
+tmp/cache/persistent/myapp*
+
+webroot/error_log
+tmp/logs/error.log
+tmp/logs/debug.log

.htaccess

@@ -0,0 +1,5 @@
+<IfModule mod_rewrite.c>
+    RewriteEngine on
+    RewriteRule    ^$    webroot/    [L]
+    RewriteRule    (.*) webroot/$1    [L]
+</IfModule>

Config/Schema/db_acl.php

@@ -0,0 +1,69 @@
+<?php
+/**
+ * This is Acl Schema file
+ *
+ * Use it to configure database for ACL
+ *
+ * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
+ * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ * @link          http://cakephp.org CakePHP(tm) Project
+ * @package       app.Config.Schema
+ * @since         CakePHP(tm) v 0.2.9
+ * @license       http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+/*
+ *
+ * Using the Schema command line utility
+ * cake schema run create DbAcl
+ *
+ */
+class DbAclSchema extends CakeSchema {
+
+	public function before($event = array()) {
+		return true;
+	}
+
+	public function after($event = array()) {
+	}
+
+	public $acos = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 10, 'key' => 'primary'),
+		'parent_id' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'model' => array('type' => 'string', 'null' => true),
+		'foreign_key' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'alias' => array('type' => 'string', 'null' => true),
+		'lft' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'rght' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
+	);
+
+	public $aros = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 10, 'key' => 'primary'),
+		'parent_id' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'model' => array('type' => 'string', 'null' => true),
+		'foreign_key' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'alias' => array('type' => 'string', 'null' => true),
+		'lft' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'rght' => array('type' => 'integer', 'null' => true, 'default' => null, 'length' => 10),
+		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
+	);
+
+	public $aros_acos = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 10, 'key' => 'primary'),
+		'aro_id' => array('type' => 'integer', 'null' => false, 'length' => 10, 'key' => 'index'),
+		'aco_id' => array('type' => 'integer', 'null' => false, 'length' => 10),
+		'_create' => array('type' => 'string', 'null' => false, 'default' => '0', 'length' => 2),
+		'_read' => array('type' => 'string', 'null' => false, 'default' => '0', 'length' => 2),
+		'_update' => array('type' => 'string', 'null' => false, 'default' => '0', 'length' => 2),
+		'_delete' => array('type' => 'string', 'null' => false, 'default' => '0', 'length' => 2),
+		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'ARO_ACO_KEY' => array('column' => array('aro_id', 'aco_id'), 'unique' => 1))
+	);
+
+}

Config/Schema/i18n.php

@@ -0,0 +1,50 @@
+<?php
+/**
+ * This is i18n Schema file
+ *
+ * Use it to configure database for i18n
+ *
+ * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
+ * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ * @link          http://cakephp.org CakePHP(tm) Project
+ * @package       app.Config.Schema
+ * @since         CakePHP(tm) v 0.2.9
+ * @license       http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+/**
+ *
+ * Using the Schema command line utility
+ *
+ * Use it to configure database for i18n
+ *
+ * cake schema run create i18n
+ */
+class I18nSchema extends CakeSchema {
+
+	public $name = 'i18n';
+
+	public function before($event = array()) {
+		return true;
+	}
+
+	public function after($event = array()) {
+	}
+
+	public $i18n = array(
+		'id' => array('type' => 'integer', 'null' => false, 'default' => null, 'length' => 10, 'key' => 'primary'),
+		'locale' => array('type' => 'string', 'null' => false, 'length' => 6, 'key' => 'index'),
+		'model' => array('type' => 'string', 'null' => false, 'key' => 'index'),
+		'foreign_key' => array('type' => 'integer', 'null' => false, 'length' => 10, 'key' => 'index'),
+		'field' => array('type' => 'string', 'null' => false, 'key' => 'index'),
+		'content' => array('type' => 'text', 'null' => true, 'default' => null),
+		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1), 'locale' => array('column' => 'locale', 'unique' => 0), 'model' => array('column' => 'model', 'unique' => 0), 'row_id' => array('column' => 'foreign_key', 'unique' => 0), 'field' => array('column' => 'field', 'unique' => 0))
+	);
+
+}

Config/Schema/sessions.php

@@ -0,0 +1,45 @@
+<?php
+/**
+ * This is Sessions Schema file
+ *
+ * Use it to configure database for Sessions
+ *
+ * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
+ * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ * @link          http://cakephp.org CakePHP(tm) Project
+ * @package       app.Config.Schema
+ * @since         CakePHP(tm) v 0.2.9
+ * @license       http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+/*
+ *
+ * Using the Schema command line utility
+ * cake schema run create Sessions
+ *
+ */
+class SessionsSchema extends CakeSchema {
+
+	public $name = 'Sessions';
+
+	public function before($event = array()) {
+		return true;
+	}
+
+	public function after($event = array()) {
+	}
+
+	public $cake_sessions = array(
+		'id' => array('type' => 'string', 'null' => false, 'key' => 'primary'),
+		'data' => array('type' => 'text', 'null' => true, 'default' => null),
+		'expires' => array('type' => 'integer', 'null' => true, 'default' => null),
+		'indexes' => array('PRIMARY' => array('column' => 'id', 'unique' => 1))
+	);
+
+}

Config/acl.ini.php

@@ -0,0 +1,65 @@
+;<?php exit() ?>
+;/**
+; * ACL Configuration
+; *
+; * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
+; * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+; *
+; *  Licensed under The MIT License
+; *  Redistributions of files must retain the above copyright notice.
+; *
+; * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+; * @link          http://cakephp.org CakePHP(tm) Project
+; * @package       app.Config
+; * @since         CakePHP(tm) v 0.10.0.1076
+; * @license       http://www.opensource.org/licenses/mit-license.php MIT License
+; */
+
+; acl.ini.php - Cake ACL Configuration
+; ---------------------------------------------------------------------
+; Use this file to specify user permissions.
+; aco = access control object (something in your application)
+; aro = access request object (something requesting access)
+;
+; User records are added as follows:
+;
+; [uid]
+; groups = group1, group2, group3
+; allow = aco1, aco2, aco3
+; deny = aco4, aco5, aco6
+;
+; Group records are added in a similar manner:
+;
+; [gid]
+; allow = aco1, aco2, aco3
+; deny = aco4, aco5, aco6
+;
+; The allow, deny, and groups sections are all optional.
+; NOTE: groups names *cannot* ever be the same as usernames!
+;
+; ACL permissions are checked in the following order:
+; 1. Check for user denies (and DENY if specified)
+; 2. Check for user allows (and ALLOW if specified)
+; 3. Gather user's groups
+; 4. Check group denies (and DENY if specified)
+; 5. Check group allows (and ALLOW if specified)
+; 6. If no aro, aco, or group information is found, DENY
+;
+; ---------------------------------------------------------------------
+
+;-------------------------------------
+;Users
+;-------------------------------------
+
+[username-goes-here]
+groups = group1, group2
+deny = aco1, aco2
+allow = aco3, aco4
+
+;-------------------------------------
+;Groups
+;-------------------------------------
+
+[groupname-goes-here]
+deny = aco5, aco6
+allow = aco7, aco8

Config/acl.php

@@ -0,0 +1,133 @@
+<?php
+/**
+ * This is the PHP base ACL configuration file.
+ *
+ * Use it to configure access control of your CakePHP application.
+ *
+ * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
+ * Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @copyright     Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
+ * @link          http://cakephp.org CakePHP(tm) Project
+ * @package       app.Config
+ * @since         CakePHP(tm) v 2.1
+ * @license       http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+/**
+ * Example
+ * -------
+ *
+ * Assumptions:
+ *
+ * 1. In your application you created a User model with the following properties:
+ *    username, group_id, password, email, firstname, lastname and so on.
+ * 2. You configured AuthComponent to authorize actions via
+ *    $this->Auth->authorize = array('Actions' => array('actionPath' => 'controllers/'),...)
+ *
+ * Now, when a user (i.e. jeff) authenticates successfully and requests a controller action (i.e. /invoices/delete)
+ * that is not allowed by default (e.g. via $this->Auth->allow('edit') in the Invoices controller) then AuthComponent
+ * will ask the configured ACL interface if access is granted. Under the assumptions 1. and 2. this will be
+ * done via a call to Acl->check() with
+ *
+ *    array('User' => array('username' => 'jeff', 'group_id' => 4, ...))
+ *
+ * as ARO and
+ *
+ *    '/controllers/invoices/delete'
+ *
+ * as ACO.
+ *
+ * If the configured map looks like
+ *
+ *    $config['map'] = array(
+ *       'User' => 'User/username',
+ *       'Role' => 'User/group_id',
+ *    );
+ *
+ * then PhpAcl will lookup if we defined a role like User/jeff. If that role is not found, PhpAcl will try to
+ * find a definition for Role/4. If the definition isn't found then a default role (Role/default) will be used to
+ * check rules for the given ACO. The search can be expanded by defining aliases in the alias configuration.
+ * E.g. if you want to use a more readable name than Role/4 in your definitions you can define an alias like
+ *
+ *    $config['alias'] = array(
+ *       'Role/4' => 'Role/editor',
+ *    );
+ *
+ * In the roles configuration you can define roles on the lhs and inherited roles on the rhs:
+ *
+ *    $config['roles'] = array(
+ *       'Role/admin' => null,
+ *       'Role/accountant' => null,
+ *       'Role/editor' => null,
+ *       'Role/manager' => 'Role/editor, Role/accountant',
+ *       'User/jeff' => 'Role/manager',
+ *    );
+ *
+ * In this example manager inherits all rules from editor and accountant. Role/admin doesn't inherit from any role.
+ * Lets define some rules:
+ *
+ *    $config['rules'] = array(
+ *       'allow' => array(
+ *       	'*' => 'Role/admin',
+ *       	'controllers/users/(dashboard|profile)' => 'Role/default',
+ *       	'controllers/invoices/*' => 'Role/accountant',
+ *       	'controllers/articles/*' => 'Role/editor',
+ *       	'controllers/users/*'  => 'Role/manager',
+ *       	'controllers/invoices/delete'  => 'Role/manager',
+ *       ),
+ *       'deny' => array(
+ *       	'controllers/invoices/delete' => 'Role/accountant, User/jeff',
+ *       	'controllers/articles/(delete|publish)' => 'Role/editor',
+ *       ),
+ *    );
+ *
+ * Ok, so as jeff inherits from Role/manager he's matched every rule that references User/jeff, Role/manager,
+ * Role/editor, Role/accountant and Role/default. However, for jeff, rules for User/jeff are more specific than
+ * rules for Role/manager, rules for Role/manager are more specific than rules for Role/editor and so on.
+ * This is important when allow and deny rules match for a role. E.g. Role/accountant is allowed
+ * controllers/invoices/* but at the same time controllers/invoices/delete is denied. But there is a more
+ * specific rule defined for Role/manager which is allowed controllers/invoices/delete. However, the most specific
+ * rule denies access to the delete action explicitly for User/jeff, so he'll be denied access to the resource.
+ *
+ * If we would remove the role definition for User/jeff, then jeff would be granted access as he would be resolved
+ * to Role/manager and Role/manager has an allow rule.
+ */
+
+/**
+ * The role map defines how to resolve the user record from your application
+ * to the roles you defined in the roles configuration.
+ */
+$config['map'] = array(
+	'User' => 'User/username',
+	'Role' => 'User/group_id',
+);
+
+/**
+ * define aliases to map your model information to
+ * the roles defined in your role configuration.
+ */
+$config['alias'] = array(
+	'Role/4' => 'Role/editor',
+);
+
+/**
+ * role configuration
+ */
+$config['roles'] = array(
+	'Role/admin' => null,
+);
+
+/**
+ * rule configuration
+ */
+$config['rules'] = array(
+	'allow' => array(
+		'*' => 'Role/admin',
+	),
+	'deny' => array(),
+);