integrate AuthComponent and implement CRUD for users
This commit is contained in:
coderkun
parent
63766773a0
commit
011c9d8ed5
18 changed files with 509 additions and 16 deletions
|
|
@ -19,12 +19,30 @@
|
|||
*/
|
||||
abstract class Controller extends \nre\core\Controller
|
||||
{
|
||||
/**
|
||||
* Required components
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $components = array('auth');
|
||||
/**
|
||||
* Required models
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $models = array('users');
|
||||
/**
|
||||
* Linker instance
|
||||
*
|
||||
* @var Linker
|
||||
*/
|
||||
protected $linker = null;
|
||||
/**
|
||||
* Data of currently logged in user if any
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected static $user = null;
|
||||
|
||||
|
||||
|
||||
|
|
@ -58,13 +76,19 @@
|
|||
{
|
||||
parent::preFilter($request, $response);
|
||||
|
||||
// Check rights
|
||||
$this->checkPermission();
|
||||
|
||||
// Create linker
|
||||
$this->linker = new \nre\core\Linker($this->request);
|
||||
|
||||
// Set userdata
|
||||
$this->set('loggedUser', static::$user);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Prefilter that is executed after running the Controller.
|
||||
* Postfilter that is executed after running the Controller.
|
||||
*
|
||||
* @param Request $request Current request
|
||||
* @param Response $response Current response
|
||||
|
|
@ -72,9 +96,44 @@
|
|||
public function postFilter(\nre\core\Request $request, \nre\core\Response $response)
|
||||
{
|
||||
parent::postFilter($request, $response);
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Check user permissions.
|
||||
*
|
||||
* @throws AccessDeniedException
|
||||
*/
|
||||
private function checkPermission()
|
||||
{
|
||||
// Determine user
|
||||
try {
|
||||
$userId = $this->Auth->getUserId();
|
||||
if(!is_null($userId)) {
|
||||
static::$user = $this->Users->getUserById($this->Auth->getUserId());
|
||||
}
|
||||
}
|
||||
catch(\nre\exceptions\IdNotFoundException $e) {
|
||||
}
|
||||
|
||||
// Set title
|
||||
$this->set('title', $this->request->getParam(1, 'intermediate'));
|
||||
|
||||
// Determine permissions
|
||||
$action = $this->request->getParam(2, 'action');
|
||||
if(!property_exists($this, 'permissions')) {
|
||||
return; // Allow if nothing is specified
|
||||
}
|
||||
if(!array_key_exists($action, $this->permissions)) {
|
||||
return; // Allow if Action is not specified
|
||||
}
|
||||
$permissions = $this->permissions[$action];
|
||||
|
||||
|
||||
// Check permissions
|
||||
if(is_null(static::$user)) {
|
||||
throw new \nre\exceptions\AccessDeniedException();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue