You can install this plugin into your CakePHP application using composer.
The recommended way to install composer packages is:
composer require ivanamat/cakephp3-aclmanager
git submodule add [email protected]:ivanamat/cakephp3-aclmanager.git plugins/AclManager
git submodule init
git submodule update
Download the .zip or .tar.gz file, unzip and rename the plugin folder "cakephp3-aclmanager" to "AclManager" then copy the folder to your plugins folder.
- Install the CakePHP ACL plugin by running composer require cakephp/acl. Read Acl plugin documentation.
- Set AclManager configuration. AclManager.aros must be specified.
- Load the Acl and AclManager plugins in app/config/bootstrap.php.
# Example configuration for an schema based on Groups, Roles and Users
Configure::write('AclManager.aros', array('Groups', 'Roles', 'Users'));
Plugin::load('Acl', ['bootstrap' => true]);
Plugin::load('AclManager', ['bootstrap' => true, 'routes' => true]);Warning: It is not recommended to use Plugin::loadAll();. if you use Plugin::loadAll(); make sure it will not load any plugin several times with Plugin::load('PluginName').
- AclManager.aros Required. Sets the AROs to be used. The value of this parameter must be an array with the names of the AROs to be used.
# Example configuration for an schema based on Groups, Roles and Users
Configure::write('AclManager.aros', array('Groups', 'Roles', 'Users'));- AclManager.admin Optional. Set 'admin' prefix. The value of this parameter must be boolean.
# Set prefix admin ( http://www.domain.com/admin/AclManager )
Configure::write('AclManager.aros', true);To create ACL related tables, run the following Migrations command.
bin/cake migrations migrate -p Acl
An example schema based on Groups, Roles and Users.
CREATE TABLE `groups` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE `roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`group_id` int(11) DEFAULT NULL,
`name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`group_id` int(11) NOT NULL,
`role_id` int(11) NOT NULL,
`username` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`password` char(255) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`),
UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;Include and configure the AuthComponent and the AclComponent in the AppController.
public $components = [
'Acl' => [
'className' => 'Acl.Acl'
]
];
$this->loadComponent('Auth', [
'authorize' => [
'Acl.Actions' => ['actionPath' => 'controllers/']
],
'loginAction' => [
'plugin' => false,
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => [
'plugin' => false,
'controller' => 'Posts',
'action' => 'index'
],
'logoutRedirect' => [
'plugin' => false,
'controller' => 'Pages',
'action' => 'display'
],
'unauthorizedRedirect' => [
'plugin' => false,
'controller' => 'Users',
'action' => 'login',
'prefix' => false
],
'authError' => 'You are not authorized to access that location.',
'flash' => [
'element' => 'error'
]
]);Add $this->addBehavior('Acl.Acl', ['type' => 'requester']); to the initialize function in the files src/Model/Table/GroupsTable.php, src/Model/Table/RolesTable.php and src/Model/Table/UsersTable.php.
public function initialize(array $config) {
parent::initialize($config);
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
}Add the following implementation of parentNode to the file src/Model/Entity/Group.php.
public function parentNode()
{
return null;
}Add the following implementation of parentNode to the file src/Model/Entity/Role.php.
public function parentNode() {
if (!$this->id) {
return null;
}
if (isset($this->group_id)) {
$groupId = $this->group_id;
} else {
$Users = TableRegistry::get('Users');
$user = $Users->find('all', ['fields' => ['group_id']])->where(['id' => $this->id])->first();
$groupId = $user->group_id;
}
if (!$groupId) {
return null;
}
return ['Groups' => ['id' => $groupId]];
}Add the following implementation of parentNode to the file src/Model/Entity/User.php.
public function parentNode() {
if (!$this->id) {
return null;
}
if (isset($this->role_id)) {
$roleId = $this->role_id;
} else {
$Users = TableRegistry::get('Users');
$user = $Users->find('all', ['fields' => ['role_id']])->where(['id' => $this->id])->first();
$roleId = $user->role_id;
}
if (!$roleId) {
return null;
}
return ['Roles' => ['id' => $roleId]];
}Allow all. Add in AppController.php.
public function initialize() {
parent::initialize();
...
$this->Auth->allow();
}Now create a group, role, and user.
Now navigate to http://www.domain.com/AclManager ( or http://www.domain.com/admin/AclManager If AclManager.admin is set to true ), just click "Update ACOs and AROs and set default values", after update ACOs and AROs, remove $this->Auth->allow() from AppController.php and enjoy!
- Not known.
- Fixed bug on "Update ACOs". Now use AclExtras to update ACOs.
- Use AclManager.aros to set AROs models. This make the plugin more configurable.
- Added AclManager.admin param to set admin prefix. This param is boolean type.
CakePHP 3.x - AclManager is a single plugin for manage CakePHP 3.x ACLs, based on the original idea of Frédéric Massart (FMCorz) for CakePHP 2.x.
Iván Amat on GitHub www.ivanamat.es
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent