1: <?php
2:
3: App::uses('Component', 'Controller');
4: App::uses('AuthComponent', 'Controller/Component');
5: App::uses('AccessControlFilter', 'AccessControl.Lib');
6:
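/**
 * Access-control component for CakePHP 2.x controllers.
 *
 * On controller startup it instantiates the filters named in the `filters`
 * setting, remembers the current request and asks every filter whether the
 * session user may access the current URL (`$request->params`). If any filter
 * denies, a flash message is set and the user is redirected to
 * `deniedAccessRedirect`.
 *
 * Checks are cumulative: every registered filter must allow the object. With
 * no filter registered every check passes, so an empty `filters` setting
 * means "no restrictions" (the component fails open) — confirm that is the
 * intended policy for the app before relying on it.
 *
 * Settings:
 * - `filters`: list of filter names, optionally plugin-prefixed (`Plugin.Name`).
 *   Each resolves to the class `{Name}AccessControlFilter` located in
 *   `Controller/Component/AccessControl` of the app or the named plugin.
 * - `deniedAccessRedirect`: URL used when access is denied. Defaults to `/`.
 *
 * The helpers `userHasAccessBy<Type>($user, $object)` and
 * `sessionUserHasAccessBy<Type>($object)` are resolved by `__callStatic`;
 * `<Type>` becomes the object type via `Inflector::variable()` (e.g. `Url` -> `url`).
 */
class AccessControlComponent extends Component {

    /**
     * Filters consulted by userHasAccess(), in registration order.
     *
     * @var AccessControlFilter[]
     */
    private static $filters = array();

    /**
     * Request of the controller that last ran startup(); handed to every
     * filter. Null until startup() or setRequest() has run (shells, tests).
     *
     * @var CakeRequest|null
     */
    private static $request;

    public $components = array(
        'Session'
    );

    /**
     * @param ComponentCollection $collection Collection the component belongs to.
     * @param array $settings Component settings; see the class docblock for keys.
     */
    public function __construct(\ComponentCollection $collection, $settings = array()) {
        parent::__construct($collection, $settings);
        // `+` keeps caller-supplied keys and only fills in the missing defaults.
        $this->settings = $settings + array(
            'filters' => array(),
            'deniedAccessRedirect' => '/'
        );
    }

    /**
     * Loads the configured filters and denies the request when the session
     * user may not access the current URL.
     *
     * @param Controller $controller The controller being started.
     * @return bool|null False when access was denied (after the redirect); null otherwise.
     */
    public function startup(\Controller $controller) {
        parent::startup($controller);
        $this->loadFilters();
        self::setRequest($controller->request);

        if (!self::sessionUserHasAccessByUrl(self::$request->params)) {
            $this->Session->setFlash('Acesso Negado');
            // Controller::redirect() stops the request by default; the explicit
            // return only matters if that behaviour has been disabled.
            $controller->redirect($this->settings['deniedAccessRedirect']);
            return false;
        }
    }

    /**
     * Replaces the registered filters with fresh instances of the configured ones.
     *
     * @return void
     * @throws RuntimeException When a configured filter class cannot be loaded.
     */
    private function loadFilters() {
        self::clearFilters();
        foreach ($this->settings['filters'] as $filterName) {
            list($plugin, $name) = pluginSplit($filterName);
            $class = $name . 'AccessControlFilter';
            $location = ($plugin ? $plugin . '.' : '') . 'Controller/Component/AccessControl';
            App::uses($class, $location);
            // Fail with a clear message instead of a bare "class not found" fatal;
            // class_exists() triggers the autoloader registered by App::uses().
            if (!class_exists($class)) {
                throw new RuntimeException(sprintf(
                    'Access control filter class %s was not found in %s',
                    $class,
                    $location
                ));
            }
            self::addFilter(new $class());
        }
    }

    /**
     * Sets the request that filters receive on every check.
     *
     * @param CakeRequest $request Current request.
     * @return void
     */
    public static function setRequest(\CakeRequest $request) {
        self::$request = $request;
    }

    /**
     * Removes every registered filter. Note that with no filters all checks pass.
     *
     * @return void
     */
    public static function clearFilters() {
        self::$filters = array();
    }

    /**
     * Registers a filter; it is consulted after the ones already registered.
     *
     * @param AccessControlFilter $filter Filter to add.
     * @return void
     */
    public static function addFilter(AccessControlFilter $filter) {
        self::$filters[] = $filter;
    }

    /**
     * Checks `$object` for the user currently in the session.
     *
     * @param mixed $object The thing being accessed.
     * @param string|null $objectType Kind of `$object`, as understood by the filters.
     * @return bool True if every filter allows access for `AuthComponent::user()`
     *   (null when nobody is logged in).
     */
    public static function sessionUserHasAccess($object, $objectType = null) {
        return self::userHasAccess(AuthComponent::user(), $object, $objectType);
    }

    /**
     * Asks every registered filter whether `$user` may access `$object`.
     *
     * @param mixed $user User record (usually `AuthComponent::user()`), null for anonymous.
     * @param mixed $object The thing being accessed (e.g. request params for URLs).
     * @param string|null $objectType Kind of `$object`, as understood by the filters.
     * @return bool True only if every filter allows it; also true when no filter is registered.
     */
    public static function userHasAccess($user, $object, $objectType = null) {
        foreach (self::$filters as $filter) {
            // First denial wins; the remaining filters are not consulted.
            if (!$filter->userHasAccess(self::$request, $user, $object, $objectType)) {
                return false;
            }
        }

        return true;
    }

    /**
     * Resolves `sessionUserHasAccessBy<Type>($object)` and
     * `userHasAccessBy<Type>($user, $object)`.
     *
     * Unknown methods and missing arguments raise E_USER_ERROR. Should the
     * installed error handler not stop the script, the check answers false so
     * that a malformed call never grants access.
     *
     * @param string $method Called method name.
     * @param array $arguments Call arguments.
     * @return bool
     */
    public static function __callStatic($method, $arguments) {
        $objectType = self::parseHasAccessByMethodName('sessionUserHasAccessBy', $method);
        if ($objectType !== false) {
            if (count($arguments) < 1) {
                trigger_error(__d('access_control', 'Missing argument 1 for %1$s::%2$s', __CLASS__, $method), E_USER_ERROR);
                return false;
            }
            return self::sessionUserHasAccess($arguments[0], $objectType);
        }

        $objectType = self::parseHasAccessByMethodName('userHasAccessBy', $method);
        if ($objectType !== false) {
            // Report the first missing argument (1-based), as the original loop did.
            $missing = count($arguments) + 1;
            if ($missing <= 2) {
                // `%d`, not `%i`: PHP's sprintf has no `i` specifier (ValueError on PHP 8).
                trigger_error(__d('access_control', 'Missing argument %1$d for %2$s::%3$s', $missing, __CLASS__, $method), E_USER_ERROR);
                return false;
            }
            return self::userHasAccess($arguments[0], $arguments[1], $objectType);
        }

        trigger_error(__d('cake_dev', 'Method %1$s::%2$s does not exist', __CLASS__, $method), E_USER_ERROR);
        return false;
    }

    /**
     * Lets the `...HasAccessBy<Type>` helpers be called on the instance as well.
     *
     * @param string $method Called method name.
     * @param array $arguments Call arguments.
     * @return bool
     */
    public function __call($method, $arguments) {
        return self::__callStatic($method, $arguments);
    }

    /**
     * Extracts the object type from a `<prefix><Type>` method name.
     *
     * @param string $prefix Literal method-name prefix; regex metacharacters in it are escaped.
     * @param string $method Method name to inspect.
     * @return string|false The camelCased type, or false when `$method` does not start with `$prefix`.
     */
    public static function parseHasAccessByMethodName($prefix, $method) {
        if (!preg_match('/^' . preg_quote($prefix, '/') . '(.+)$/', $method, $matches)) {
            return false;
        }
        return Inflector::variable($matches[1]);
    }

}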