forked from el-cms/Acl
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
oldskool
committed
Feb 25, 2013
0 parents
commit f987b12
Showing
68 changed files
with
5,553 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,136 @@ | ||
| ACL Plugin for CakePHP 2.x | ||
| ========================== | ||
|
|
||
| Website: http://www.alaxos.net/blaxos/pages/view/plugin_acl | ||
| Author: Nicolas Rod <[email protected]> | ||
| License: http://www.opensource.org/licenses/mit-license.php The MIT License | ||
|
|
||
| Version: 2.2.0 | ||
| -------------- | ||
| Date: 2012-09-24 | ||
|
|
||
| - corrected some functions to be fully compatible with CakePHP 2.1 and above to allow the use of E_STRICT error reporting level | ||
| - As a side effect, E_STRICT error reporting level is not possible anymore when using CakePHP 2.0 | ||
| - better support of controller names containing an underscore | ||
| - ACO records that are not controllers or actions are not detected as ACO to prune anymore | ||
| - corrected a bug in AclRouter making the aco_path() function fail when the Cake app is at the domain root level | ||
| - added a response->render() to be sure to see the alert when some controllers have been updated | ||
| - corrected a App:uses to prevent an HtmlHelper not found error | ||
|
|
||
| Version: 2.1.0 | ||
| -------------- | ||
| Date: 2012-02-04 | ||
|
|
||
| - Corrected a security bug allowing any authenticated user to access the Acl plugin | ||
| - Obsolete ACO nodes are now removed from the database when the ACO datatable is synchronized with the application | ||
| - Plugins default controllers are now supported by the plugin, allowing to set permissions for their actions | ||
| - New beta AclHtmlHelper containing a link() function that returns an HTML link only if its url points to an action | ||
| that the current authenticated user can access (works only if the AclManagerComponent->set_session_permissions() was called before) | ||
| - Some minor design updates | ||
|
|
||
| Version: 2.0.0 | ||
| -------------- | ||
| Date: 2011-12-15 | ||
|
|
||
| - As no problems have been signaled with the 2.0.0-RC6 version, it finally becomes the 2.0.0 | ||
|
|
||
| Version: 2.0.0-RC6 | ||
| ------------------ | ||
| Date: 2011-12-09 | ||
|
|
||
| - Corrected a bug preventing the retrieval of plugin controllers methods when a PluginAppController exists | ||
|
|
||
| Version: 2.0.0-RC5 | ||
| ------------------ | ||
| Date: 2011-12-07 | ||
|
|
||
| - Added the RequestHandler component in AclAppController to make the plugin work even if the AppController does not use it already | ||
|
|
||
| Version: 2.0.0-RC4 | ||
| ------------------ | ||
| Date: 2011-11-26 | ||
|
|
||
| - Removed plugin named parameter from Ajax requests when plugin is empty | ||
| - Removed doubled slashes from icons src urls | ||
|
|
||
| Special thanks to Dave and Sam Sherlock for their feedbacks and ideas | ||
|
|
||
| Version: 2.0.0-RC3 | ||
| ------------------ | ||
| Date: 2011-11-01 | ||
|
|
||
| - Removed RequestHandler from ArosController as its method isAjax() is deprecated (use $this->request->is('ajax') instead) | ||
|
|
||
| Version: 2.0.0-beta | ||
| ------------------- | ||
| Date: 2011-09-19 | ||
|
|
||
| - Adaptation for CakePHP 2.0 | ||
|
|
||
| No new functionnalities in this version, but the code has been updated for the new Cake 2.0-RC1 | ||
| Renamed classes, use App::uses() instead of old App::import(), updated forms url, etc. | ||
|
|
||
|
|
||
| Version: 1.0.7 | ||
| ---------------- | ||
| Date: 2011-07-18 | ||
|
|
||
| - the aros/users_permissions action can now be loaded through Ajax to prevent a request timeout when there are too many permissions to check | ||
| - added an indication when a user have specific permissions. New action to delete these specific permissions. | ||
| - corrected the way to get the plugins' paths in order to support custom paths added to App::path('plugins'); | ||
| - corrected the way the plugins parent ACO are generated to support camel cased plugin names | ||
| - added a parameter in bootstrap.php to support roles and users primary keys' names that do not follow CakePHP conventions | ||
| - eventual errors raised by the user model when updating the users role are now displayed for a better understanding of the problem | ||
| - new brazilian portuguese (pt_BR) translation | ||
| - performance improvements in find queries by limiting retrieved data | ||
|
|
||
| Credit: | ||
|
|
||
| - Elias Farah | ||
|
|
||
| For the brazilian portuguese translation po file and for his help to add the possibility to customize the roles and users primary keys' names | ||
|
|
||
| - Paul Marshall (http://www.paulmarshall.us) | ||
|
|
||
| For pointing out a better way the get the plugins' paths and for ideas to improve performance in queries | ||
|
|
||
| - Ilya (http://www.skychip.ru) and Gregorz | ||
|
|
||
| For identifying a bug with camel cased plugins' names and pointing out the solution | ||
|
|
||
|
|
||
| Version: 1.0.6 | ||
| ---------------- | ||
| Date: 2011-04-27 | ||
|
|
||
| - added a parameter in bootstrap.php to support role foreign key's names that do not follow CakePHP conventions | ||
|
|
||
| Version: 1.0.5 | ||
| ---------------- | ||
| Date: 2011-02-19 | ||
|
|
||
| - bug correction: the role foreign key is now created by using the Inflector class to be correctly generated even for camelcased role model names | ||
| - bug correcton: updated the way the roles and users display names are configured to prevent some situations where the use of an existing database field | ||
| was not possible. It also improves performance by creating new virtual fields only if necessary. | ||
|
|
||
| Credit: thanks to Paul Marshall for his help on this version (http://www.paulmarshall.us) | ||
|
|
||
| Version: 1.0.4 | ||
| ---------------- | ||
| Date: 2011-01-22 | ||
|
|
||
| - the aros/role_permissions action can now be loaded through Ajax to prevent a request timeout when there are too many permissions to check | ||
| - new search filters on users roles page and users permissions page | ||
| - updated the way new controller and/or actions detection is done to allow to see the warning even after a redirection from /admin/acl | ||
| - replaced $html and $form by $this->Html and $this->Form in views to respect CakePHP best practices | ||
|
|
||
| Version: 1.0.3 | ||
| ---------------- | ||
| Date: 2010-12-05 | ||
|
|
||
| - Added support of plugins placed in ROOT/plugins | ||
| - Corrected a bug preventing to set a user specific permission in some cases | ||
| - Added automatic verification that the user and role models act as ACL requesters | ||
| - No writable 'tmp' folder needed anymore | ||
| - Some code refactoring (moved functions from the AclAppController to new components) | ||
| - Added this CHANGELOG file... ;-) |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,84 @@ | ||
| <?php | ||
| App::uses('AclRouter', 'Acl.Lib'); | ||
|
|
||
| /* ------------------------------------------------------------------- | ||
| * The settings below have to be loaded to make the acl plugin work. | ||
| * ------------------------------------------------------------------- | ||
| * | ||
| * See how to include these settings in the README file | ||
| */ | ||
|
|
||
| /* | ||
| * The model name used for the user role (typically 'Role' or 'Group') | ||
| */ | ||
| Configure :: write('acl.aro.role.model', 'Group'); | ||
|
|
||
| /* | ||
| * The primary key of the role model | ||
| * | ||
| * (can be left empty if your primary key's name follows CakePHP conventions)('id') | ||
| */ | ||
| Configure :: write('acl.aro.role.primary_key', ''); | ||
|
|
||
| /* | ||
| * The foreign key's name for the roles | ||
| * | ||
| * (can be left empty if your foreign key's name follows CakePHP conventions)(e.g. 'role_id') | ||
| */ | ||
| Configure :: write('acl.aro.role.foreign_key', ''); | ||
|
|
||
| /* | ||
| * The model name used for the user (typically 'User') | ||
| */ | ||
| Configure :: write('acl.aro.user.model', 'User'); | ||
|
|
||
| /* | ||
| * The primary key of the user model | ||
| * | ||
| * (can be left empty if your primary key's name follows CakePHP conventions)('id') | ||
| */ | ||
| Configure :: write('acl.aro.user.primary_key', ''); | ||
|
|
||
| /* | ||
| * The name of the database field that can be used to display the role name | ||
| */ | ||
| Configure :: write('acl.aro.role.display_field', 'name'); | ||
|
|
||
| /* | ||
| * You can add here role id(s) that are always allowed to access the ACL plugin (by bypassing the ACL check) | ||
| * (This may prevent a user from being rejected from the ACL plugin after a ACL permission update) | ||
| */ | ||
| Configure :: write('acl.role.access_plugin_role_ids', array(1)); | ||
|
|
||
| /* | ||
| * You can add here users id(s) that are always allowed to access the ACL plugin (by bypassing the ACL check) | ||
| * (This may prevent a user from being rejected from the ACL plugin after a ACL permission update) | ||
| */ | ||
| Configure :: write('acl.role.access_plugin_user_ids', array()); | ||
|
|
||
| /* | ||
| * The users table field used as username in the views | ||
| * It may be a table field or a SQL expression such as "CONCAT(User.lastname, ' ', User.firstname)" for MySQL or "User.lastname||' '||User.firstname" for PostgreSQL | ||
| */ | ||
| Configure :: write('acl.user.display_name', "User.username"); | ||
|
|
||
| /* | ||
| * Indicates whether the presence of the Acl behavior in the user and role models must be verified when the ACL plugin is accessed | ||
| */ | ||
| Configure :: write('acl.check_act_as_requester', true); | ||
|
|
||
| /* | ||
| * Add the ACL plugin 'locale' folder to your application locales' folders | ||
| */ | ||
| App :: build(array('locales' => App :: pluginPath('Acl') . DS . 'locale')); | ||
|
|
||
| /* | ||
| * Indicates whether the roles permissions page must load through Ajax | ||
| */ | ||
| Configure :: write('acl.gui.roles_permissions.ajax', false); | ||
|
|
||
| /* | ||
| * Indicates whether the users permissions page must load through Ajax | ||
| */ | ||
| Configure :: write('acl.gui.users_permissions.ajax', false); | ||
| ?> |
Oops, something went wrong.