我的 cakephp 版本是 1.3.10,我为分配授权策略添加了 acl 组件。
它适用于所有控制器。但是在两个控制器中,我添加了 Upload 组件(用于上传文件)和 Image Resize 组件(用于调整图像大小)
var $components = array('Upload','ImageResize');
当我尝试访问我的控制器AffiliatesController并且AwardsController它进入循环并且我得到错误:页面没有正确重定向。
如果我评论了这些组件,那么它工作正常。谁能建议我这是什么问题?
我的 acl 控制器如下所示,
<?php
class AclController extends AppController {
var $name = 'Aco';
var $components = array('Acl');
function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('*');
}
function build_aco() {
error_reporting(0);
if (!Configure::read('debug')) {
return $this->_stop();
}
$log = array();
$aco = $this->Acl->Aco;
$root = $aco->node('controllers');
if (!$root) {
$aco->create(array('parent_id' => null, 'model' => null, 'alias' => 'controllers'));
$root = $aco->save();
$root['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for controllers';
} else {
$root = $root[0];
}
App::import('Core', 'File');
$Controllers = App::objects('controller');
$appIndex = array_search('App', $Controllers);
if ($appIndex !== false ) {
unset($Controllers[$appIndex]);
}
$baseMethods = get_class_methods('Controller');
$baseMethods[] = 'build_acl';
$Plugins = $this->_getPluginControllerNames();
$Controllers = array_merge($Controllers, $Plugins);
// look at each controller in app/controllers
foreach ($Controllers as $ctrlName) {
$methods = $this->_getClassMethods($this->_getPluginControllerPath($ctrlName));
// Do all Plugins First
if ($this->_isPlugin($ctrlName)){
$pluginNode = $aco->node('controllers/'.$this->_getPluginName($ctrlName));
if (!$pluginNode) {
$aco->create(array('parent_id' => $root['Aco']['id'], 'model' => null, 'alias' => $this->_getPluginName($ctrlName)));
$pluginNode = $aco->save();
$pluginNode['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for ' . $this->_getPluginName($ctrlName) . ' Plugin';
}
}
// find / make controller node
$controllerNode = $aco->node('controllers/'.$ctrlName);
if (!$controllerNode) {
if ($this->_isPlugin($ctrlName)){
$pluginNode = $aco->node('controllers/' . $this->_getPluginName($ctrlName));
$aco->create(array('parent_id' => $pluginNode['0']['Aco']['id'], 'model' => null, 'alias' => $this->_getPluginControllerName($ctrlName)));
$controllerNode = $aco->save();
$controllerNode['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for ' . $this->_getPluginControllerName($ctrlName) . ' ' . $this->_getPluginName($ctrlName) . ' Plugin Controller';
} else {
$aco->create(array('parent_id' => $root['Aco']['id'], 'model' => null, 'alias' => $ctrlName));
$controllerNode = $aco->save();
$controllerNode['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for ' . $ctrlName;
}
} else {
$controllerNode = $controllerNode[0];
}
//clean the methods. to remove those in Controller and private actions.
foreach ($methods as $k => $method) {
if (strpos($method, '_', 0) === 0) {
unset($methods[$k]);
continue;
}
if (in_array($method, $baseMethods)) {
unset($methods[$k]);
continue;
}
$methodNode = $aco->node('controllers/'.$ctrlName.'/'.$method);
if (!$methodNode) {
$aco->create(array('parent_id' => $controllerNode['Aco']['id'], 'model' => null, 'alias' => $method));
$methodNode = $aco->save();
$log[] = 'Created Aco node for '. $method;
}
}
}
if(count($log)>0) {
debug($log);
}
exit;
}
function _getClassMethods($ctrlName = null) {
App::import('Controller', $ctrlName);
if (strlen(strstr($ctrlName, '.')) > 0) {
// plugin's controller
$num = strpos($ctrlName, '.');
$ctrlName = substr($ctrlName, $num+1);
}
$ctrlclass = $ctrlName . 'Controller';
$methods = get_class_methods($ctrlclass);
// Add scaffold defaults if scaffolds are being used
$properties = get_class_vars($ctrlclass);
if (array_key_exists('scaffold',$properties)) {
if($properties['scaffold'] == 'admin') {
$methods = array_merge($methods, array('admin_add', 'admin_edit', 'admin_index', 'admin_view', 'admin_delete'));
} else {
$methods = array_merge($methods, array('add', 'edit', 'index', 'view', 'delete'));
}
}
return $methods;
}
function _isPlugin($ctrlName = null) {
$arr = String::tokenize($ctrlName, '/');
if (count($arr) > 1) {
return true;
} else {
return false;
}
}
function _getPluginControllerPath($ctrlName = null) {
$arr = String::tokenize($ctrlName, '/');
if (count($arr) == 2) {
return $arr[0] . '.' . $arr[1];
} else {
return $arr[0];
}
}
function _getPluginName($ctrlName = null) {
$arr = String::tokenize($ctrlName, '/');
if (count($arr) == 2) {
return $arr[0];
} else {
return false;
}
}
function _getPluginControllerName($ctrlName = null) {
$arr = String::tokenize($ctrlName, '/');
if (count($arr) == 2) {
return $arr[1];
} else {
return false;
}
}
/**
* Get the names of the plugin controllers ...
*
* This function will get an array of the plugin controller names, and
* also makes sure the controllers are available for us to get the
* method names by doing an App::import for each plugin controller.
*
* @return array of plugin names.
*
*/
function _getPluginControllerNames() {
App::import('Core', 'File', 'Folder');
$paths = Configure::getInstance();
$folder =& new Folder();
$folder->cd(APP . 'plugins');
// Get the list of plugins
$Plugins = $folder->read();
$Plugins = $Plugins[0];
$arr = array();
// Loop through the plugins
foreach($Plugins as $pluginName) {
// Change directory to the plugin
$didCD = $folder->cd(APP . 'plugins'. DS . $pluginName . DS . 'controllers');
// Get a list of the files that have a file name that ends
// with controller.php
$files = $folder->findRecursive('.*_controller\.php');
// Loop through the controllers we found in the plugins directory
foreach($files as $fileName) {
// Get the base file name
$file = basename($fileName);
// Get the controller name
$file = Inflector::camelize(substr($file, 0, strlen($file)-strlen('_controller.php')));
if (!preg_match('/^'. Inflector::humanize($pluginName). 'App/', $file)) {
if (!App::import('Controller', $pluginName.'.'.$file)) {
debug('Error importing '.$file.' for plugin '.$pluginName);
} else {
/// Now prepend the Plugin name ...
// This is required to allow us to fetch the method names.
$arr[] = Inflector::humanize($pluginName) . "/" . $file;
}
}
}
}
#echo "<pre>";
#print_r ($arr);exit;
return $arr;
}
/**
* Setting up permissions, To allow ARO's access to ACO's
*/
function build_permission() {
$group =& $this->User->Group;
//Allow developers to everything
$group->id = 1;
$this->Acl->allow(array('model' => 'Group', 'foreign_key' => 1), 'controllers');
//Allow administrator to everything except "Admin Groups", "Payment Gateways"
$group->id = 2;
$this->Acl->allow(array('model' => 'Group', 'foreign_key' => 2), 'controllers');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Groups');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Users/view');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Users/add');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Users/edit');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Users/delete');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Staticpages');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Cmstags');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Cmstagpositions');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Cmspages');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Emailtemplates');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Affiliates');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Awards');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Faqs');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Newsletters');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Newslettersubscribers');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Packages');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Transactions');
$this->Acl->deny(array('model' => 'Group', 'foreign_key' => 2), 'controllers/Testimonials');
//we add an exit to avoid an ugly "missing views" error message
echo "all done";
exit;
}
}
?>