ACL Based View Change in CakePHP

I want to be able to show or hide certain elements in an ACL based view. For example, if a user views my Users / Index list, I don’t want to display the Delete User item if he does not have permission to delete users. If he has permission to edit users, I want to show the "Edit user" link.

I can hack this together, but being very new to Cake, I hope there is an elegant solution. The best I have come up with is maintaining the logic in two places, which is hell to maintain.

Thanks!

+6
model-view-controller cakephp acl
5 answers

I know this is an old question now, but for those who are looking for a way, as I was ...

In AppController::beforeFilter, you can assign an ACL component to a view variable and then use it in your view:

    $this->set('user', $this->Auth->user());
    $this->set('acl', $this->Acl);

And then you just use it like this:

    if ($acl->check(array('User' => $user), 'controllers/groupd/admin_delete')) {
        // output the element that requires this permission
    }

This is not the right way to do this, but it works great.

+4

There is no general “elegant solution” :) I always wanted to do such a thing. Anyway, how could you do this:

Overwrite the Html helper in the application directory - make a copy from /cake/libs/views/helpers/html.php to /app/views/helpers/html.php and make some changes to the Html::link function.

For example, you can check if the URL contains an action or delete an action.

Another part is to pass the correct parameters from the controller. In AppController::beforeFilter you can read the user rights (it is better to cache) and pass it to the special Auth variable in the view.

Therefore, when you have rights in your view, it is easy to change the link. :)

As I said, I did not do this in a real example, but so I did.

In this case, there is 1 bad point - if the original Html helper is changed, yours will remain unchanged. But I believe that the Html helper is quite mature, so for me this is not a big problem.

+1

I do it this way in app_controller.php, although you can do it just as well in certain controllers. Variables of the form $usersIndexAllowed and $configureAllowed are then used in conditional statements in the view.

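    function beforeRender() {
        // Deny by default so the view variables always exist, even outside the admin layout.
        $usersIndexAllowed = false;
        $configureAllowed = false;
        if ($this->layout == 'admin') {
            // $user was undefined in the original snippet; taking it from the Auth component is an assumption.
            $user = $this->Auth->user();
            $usersIndexAllowed = $this->Acl->check($user, "users/index");
            $configureAllowed = $this->Acl->check($user, "siteAdmins/configure");
        }
        $this->set(compact('usersIndexAllowed', 'configureAllowed'));
    }

+1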

In case you do not want to interfere with the redefinition of the main helpers, and you want a more automatic way to check (without hard coding the names and users of user groups or setting individual variables for the link) here is my suggestion:

Store all user permissions as session vars when the user logs in (clearing when logging out), and create a permissions assistant to check if the registered user has rights for a specific action.

code and example here

hope that helps

+1
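
The session-cached permission helper suggested in the answer above, as an added framework-independent PHP sketch (not code from any of the answers or from CakePHP). `PermissionCache`, `aclLink` and the ACO paths are hypothetical names, and the ACL lookup is passed in as a callable.

```php
<?php
// Added illustration, not CakePHP API: PermissionCache and aclLink are hypothetical names.
final class PermissionCache
{
    const KEY = 'Permissions';

    // Call once at login. $check is any callable (user, aco path) => bool,
    // e.g. a thin wrapper around the ACL check the controllers already use.
    public static function warm(array &$session, array $user, array $acoPaths, callable $check)
    {
        $session[self::KEY] = array();
        foreach ($acoPaths as $aco) {
            $session[self::KEY][$aco] = ($check($user, $aco) === true);
        }
    }

    // Call at logout so a later login on the same session starts clean.
    public static function clear(array &$session)
    {
        unset($session[self::KEY]);
    }

    // Deny by default: unknown paths and a missing cache both mean "not allowed".
    public static function allowed(array $session, $aco)
    {
        return isset($session[self::KEY][$aco]) && $session[self::KEY][$aco] === true;
    }
}

// View-side helper: returns the link markup, or '' when the user lacks the right.
function aclLink(array $session, $aco, $title, $url)
{
    if (!PermissionCache::allowed($session, $aco)) {
        return '';
    }
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">'
         . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . '</a>';
}

// Constructed sample: a user who may edit but not delete users.
$session = array();
$rights  = array('users/edit' => true, 'users/delete' => false);
$check   = function (array $user, $aco) use ($rights) { return !empty($rights[$aco]); };
PermissionCache::warm($session, array('id' => 7), array('users/edit', 'users/delete'), $check);
// Exercise the allowed action, the denied action, and the cleared cache.
echo aclLink($session, 'users/edit', 'Edit user', '/users/edit/7'), "\n";
echo aclLink($session, 'users/delete', 'Delete user', '/users/delete/7'), "\n";
PermissionCache::clear($session);
echo aclLink($session, 'users/edit', 'Edit user', '/users/edit/7'), "\n";
```

Hiding a link only changes what is rendered; the controller action still has to run its own ACL check, and a cache filled at login stays stale until the next login if rights change mid-session.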

There are several approaches to this scenario. As Nick said, using the verification assistant for you is a quick way to “outsource” the logic and centralize it for ease of use.

Actually, look at AclLinkHelper - it does exactly what you are looking for, but is limited only by links.

0
