
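My application runs on CakePHP and uses "LDAP" AD (Active Directory) for front-end login authentication. I have integrated the admin panel through "routing prefix to admin", so my admin actions are in the same controllers as the front-end actions. For example, UsersController has the actions login(), logout(), admin_login(), admin_logout(). And AdminController has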

public function index() {

    $username = $this->Session->read('Admin.username');
    if (empty($username)) {
        $this->redirect(array('controller' => 'users', 'action' => 'login', 'admin' => true));
    } else {
        $this->redirect(array('action' => 'dashboard', 'admin' => true));
    }
}
public function admin_dashboard() {
    $this->loadModel('User');
    $this->loadModel('Group');
    $this->loadModel('News');
    $username = $this->Session->read('Admin.username');
    $group_id = $this->Session->read('Admin.group_id');

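    // Deny access unless an admin session exists and the user belongs to the admin group (assumed to be group_id 1).
    if (empty($username) || $group_id != 1) {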
        $this->Session->setFlash(__('You are not authorized to view this Page!!'), 'default', array('class' => 'alert alert-error'));
        $this->redirect(array('controller' => 'users', 'action' => 'index', 'admin' => true));
    }

    $users = $this->User->find('count', array('conditions' => array('User.group_id !=' => 1)));
    $groups = $this->Group->find('count');
    $news = $this->News->find('count', array('conditions' => array('News.expiry_date >= NOW()')));
    $this->set(compact('users', 'groups', 'news'));
}

and I have AppController as follows

class AppController extends Controller {

    public $helpers = array('Paginator','Acl.AclHtml');
    public $components = array('Acl', 'Session',
        'Auth' => array(

            'authError' => 'You are not authorized to access that location.',
            'authorize' => array(
                'Actions' => array(
                    'actionPath' => 'controllers')
            ),
            'controllers' => array('users')
        ));

    public function beforeFilter() {
        // LDAP
        $server_ip = $_SERVER['SERVER_ADDR'];
        $ldapIp = ClassRegistry::init('LdapIp');
        $ldapIpCount = $ldapIp->find('count', array('conditions' => array('ldap_ip' => $server_ip)));
        if ($ldapIpCount >= 1) {
            $this->Auth->authenticate = array('Ldap');
        } else {
            $this->Auth->authenticate = array('Form');
        }

        $this->Auth->allow();

        if (!$this->Auth->isAllow($this)) {
            $this->set(array(
                'message' => array(
                    'text' => __('un aunthaticated request'),
                    'type' => 'error',
                    'status' => "401"
                ),
                '_serialize' => array('message')
            ));
            throw new ForbiddenException();
        }
    }
}        

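How can I redirect the admin to admin/admin_dashboard if he is logged in, but redirect him to users/admin_login if he is not logged in, without checking this in every controller action? Can we check it somewhere in beforeFilter() of AppController?

Please provide any suggestions with code to achieve this. I will integrate the "alaxos ACL plugin 2.0" after this, so please recommend code that keeps this scenario in mind.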


1 Answer


I used the prefix 'admin' for my project [if($this->params['prefix'] == 'admin')]; in your case, change it to the controller:

public function beforeFilter() {

    ....

    //Configure AuthComponent
    if($this->params['controller'] == 'admin') {
        $this->Auth->loginAction = array(
            'controller' => 'users',
            'action' => 'admin_login',
        );
        $this->Auth->logoutRedirect = array(
            'controller' => 'users',
            'action' => 'admin_login',
        );
        $this->Auth->loginRedirect = array(
            'controller' => 'admin',
            'action' => 'dashboard',
        );
    }
    ....
}

I think you should use the prefix 'admin'.

More info: admin prefix

Answered 2015-12-15T07:12:55.507
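
The centralized check the question asks for, as an added example that is not part of the original question or answer: a framework-independent PHP sketch of the decision that would sit in AppController::beforeFilter(). The function name adminGuard() and the sample requests are hypothetical, and it assumes group_id 1 is the admin group, as the question's code suggests.

```php
<?php
// adminGuard() is a hypothetical helper modelling the check that would run once in
// AppController::beforeFilter(), so no individual action has to repeat it.
const ADMIN_GROUP_ID = 1; // assumption: group 1 is the admin group

// Returns null to let the request through, or a CakePHP-style URL array to redirect to.
function adminGuard(array $params, array $session): ?array
{
    if (($params['prefix'] ?? null) !== 'admin') {
        return null; // front-end actions are not this guard's concern
    }
    $admin = $session['Admin'] ?? [];
    $isAdmin = !empty($admin['username'])
        && (int) ($admin['group_id'] ?? 0) === ADMIN_GROUP_ID; // comparison, not assignment
    $isLoginAction = $params['controller'] === 'users'
        && $params['action'] === 'admin_login';

    if (!$isAdmin) {
        // The login action itself must stay reachable, otherwise the redirect loops.
        return $isLoginAction
            ? null
            : ['controller' => 'users', 'action' => 'login', 'admin' => true];
    }
    // A logged-in admin who opens the login page goes straight to the dashboard.
    return $isLoginAction
        ? ['controller' => 'admin', 'action' => 'dashboard', 'admin' => true]
        : null;
}

// Constructed sample requests: [route params, session contents].
$cases = [
    [['prefix' => 'admin', 'controller' => 'admin', 'action' => 'admin_dashboard'], []],
    [['prefix' => 'admin', 'controller' => 'users', 'action' => 'admin_login'], []],
    [['prefix' => 'admin', 'controller' => 'admin', 'action' => 'admin_dashboard'],
        ['Admin' => ['username' => 'alice', 'group_id' => 2]]],
    [['prefix' => 'admin', 'controller' => 'users', 'action' => 'admin_login'],
        ['Admin' => ['username' => 'alice', 'group_id' => 1]]],
    [['prefix' => null, 'controller' => 'users', 'action' => 'login'], []],
];
foreach ($cases as [$params, $session]) {
    $target = adminGuard($params, $session);
    echo $params['action'], ' => ', $target ? json_encode($target) : 'allow', PHP_EOL;
}
```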