auth.php

来自「Cake Framwork , Excellent」· PHP 代码 · 共 825 行 · 第 1/2 页

PHP
825
字号
 * @access public */	function isAuthorized($type = null, $object = null, $user = null) {		if (empty($user) && !$this->user()) {			return false;		} elseif (empty($user)) {			$user = $this->user();		}		extract($this->__authType($type));		if (!$object) {			$object = $this->object;		}		$valid = false;		switch ($type) {			case 'controller':				$valid = $object->isAuthorized();			break;			case 'actions':				$valid = $this->Acl->check($user, $this->action());			break;			case 'crud':				$this->mapActions();				if (!isset($this->actionMap[$this->params['action']])) {					trigger_error(sprintf(__('Auth::startup() - Attempted access of un-mapped action "%1$s" in controller "%2$s"', true), $this->params['action'], $this->params['controller']), E_USER_WARNING);				} else {					$valid = $this->Acl->check($user, $this->action(':controller'), $this->actionMap[$this->params['action']]);				}			break;			case 'model':				$this->mapActions();				$action = $this->params['action'];				if(isset($this->actionMap[$action])) {					$action = $this->actionMap[$action];				}				if (is_string($object)) {					$object = $this->getModel($object);				}			case 'object':				if (!isset($action)) {					$action = $this->action(':action');				}				if (empty($object)) {					trigger_error(sprintf(__('Could not find %s. Set AuthComponent::$object in beforeFilter() or pass a valid object', true), get_class($object)), E_USER_WARNING);					return;				}				if (method_exists($object, 'isAuthorized')) {					$valid = $object->isAuthorized($user, $this->action(':controller'), $action);				} elseif ($object){					trigger_error(sprintf(__('%s::isAuthorized() is not defined.', true), get_class($object)), E_USER_WARNING);				}			break;			case null:			case false:				return true;			break;			default:				trigger_error(__('Auth::isAuthorized() - $authorize is set to an incorrect value.  Allowed settings are: "actions", "crud", "model" or null.', true), E_USER_WARNING);			break;		}		return $valid;	}/** * Get authorization type * * @param string $auth Type of authorization * @return array Associative array with: type, object * @access private */	function __authType($auth = null) {		if ($auth == null) {			$auth = $this->authorize;		}		$object = null;		if (is_array($auth)) {			$type = key($auth);			$object = $auth[$type];		} else {			$type = $auth;			return compact('type');		}		return compact('type', 'object');	}/** * Takes a list of actions in the current controller for which authentication is not required, or * no parameters to allow all actions. * * @param string $action Controller action name * @param string $action Controller action name * @param string ... etc. * @access public */	function allow() {		$args = func_get_args();		if (empty($args)) {			$this->allowedActions = array('*');		} else {			if (isset($args[0]) && is_array($args[0])) {				$args = $args[0];			}			$this->allowedActions = array_merge($this->allowedActions, $args);		}	}/** * Removes items from the list of allowed actions. * * @param string $action Controller action name * @param string $action Controller action name * @param string ... etc. * @see AuthComponent::allow() * @access public */	function deny() {		$args = func_get_args();		foreach ($args as $arg) {			$i = array_search($arg, $this->allowedActions);			if (is_int($i)) {				unset($this->allowedActions[$i]);			}		}		$this->allowedActions = array_values($this->allowedActions);	}/** * Maps action names to CRUD operations. Used for controller-based authentication. * * @param array $map Actions to map * @access public */	function mapActions($map = array()) {		$crud = array('create', 'read', 'update', 'delete');		foreach ($map as $action => $type) {			if (in_array($action, $crud) && is_array($type)) {				foreach ($type as $typedAction) {					$this->actionMap[$typedAction] = $action;				}			} else {				$this->actionMap[$action] = $type;			}		}	}/** * Manually log-in a user with the given parameter data.  The $data provided can be any data * structure used to identify a user in AuthComponent::identify().  If $data is empty or not * specified, POST data from Controller::$data will be used automatically. * * After (if) login is successful, the user record is written to the session key specified in * AuthComponent::$sessionKey. * * @param mixed $data User object * @return boolean True on login success, false on failure * @access public */	function login($data = null) {		$this->__setDefaults();		$this->_loggedIn = false;		if (empty($data)) {			$data = $this->data;		}		if ($user = $this->identify($data)) {			$this->Session->write($this->sessionKey, $user);			$this->_loggedIn = true;		}		return $this->_loggedIn;	}/** * Logs a user out, and returns the login action to redirect to. * * @param mixed $url Optional URL to redirect the user to after logout * @return string AuthComponent::$loginAction * @see AuthComponent::$loginAction * @access public */	function logout() {		$this->__setDefaults();		$this->Session->del($this->sessionKey);		$this->Session->del('Auth.redirect');		$this->_loggedIn = false;		return Router::normalize($this->logoutRedirect);	}/** * Get the current user from the session. * * @return array User record, or null if no user is logged in. * @access public */	function user($key = null) {		$this->__setDefaults();		if (!$this->Session->check($this->sessionKey)) {			return null;		}		if ($key == null) {			return array($this->userModel => $this->Session->read($this->sessionKey));		} else {			$user = $this->Session->read($this->sessionKey);			if (isset($user[$key])) {				return $user[$key];			} else {				return null;			}		}	}/** * If no parameter is passed, gets the authentication redirect URL. * * @param mixed $url Optional URL to write as the login redirect URL. * @return string Redirect URL * @access public */	function redirect($url = null) {		if (!is_null($url)) {			return $this->Session->write('Auth.redirect', $url);		}		if ($this->Session->check('Auth.redirect')) {			$redir = $this->Session->read('Auth.redirect');			$this->Session->delete('Auth.redirect');			if (Router::normalize($redir) == Router::normalize($this->loginAction)) {				$redir = $this->loginRedirect;			}		} else {			$redir = $this->loginRedirect;		}		return Router::normalize($redir);	}/** * Validates a user against an abstract object. * * @param mixed $object  The object to validate the user against. * @param mixed $user    Optional.  The identity of the user to be validated. *                       Uses the current user session if none specified.  For *                       valid forms of identifying users, see *                       AuthComponent::identify(). * @param string $action Optional. The action to validate against. * @see AuthComponent::identify() * @return boolean True if the user validates, false otherwise. * @access public */	function validate($object, $user = null, $action = null) {		if (empty($user)) {			$user = $this->user();		}		if (empty($user)) {			return false;		}		return $this->Acl->check($user, $object, $action);	}/** * Returns the path to the ACO node bound to a controller/action. * * @param string $action  Optional.  The controller/action path to validate the *                        user against.  The current request action is used if *                        none is specified. * @return boolean ACO node path * @access public */	function action($action = ':controller/:action') {		return str_replace(			array(':controller', ':action'),			array(Inflector::camelize($this->params['controller']), $this->params['action']),			$this->actionPath . $action		);	}/** * Returns a reference to the model object specified, and attempts * to load it if it is not found. * * @param string $name Model name (defaults to AuthComponent::$userModel) * @return object A reference to a model object * @access public */	function &getModel($name = null) {		$model = null;		if (!$name) {			$name = $this->userModel;		}		if (PHP5) {			$model = ClassRegistry::init($name);		} else {			$model =& ClassRegistry::init($name);		}		if (empty($model)) {			trigger_error(__('Auth::getModel() - Model is not set or could not be found', true), E_USER_WARNING);			return null;		}		return $model;	}/** * Identifies a user based on specific criteria. * * @param mixed $user Optional. The identity of the user to be validated. *              Uses the current user session if none specified. * @param array $conditions Optional. Additional conditions to a find. * @return array User record data, or null, if the user could not be identified. * @access public */	function identify($user = null, $conditions = null) {		if ($conditions === false) {			$conditions = null;		} elseif (is_array($conditions)) {			$conditions = array_merge((array)$this->userScope, $conditions);		} else {			$conditions = $this->userScope;		}		if (empty($user)) {			$user = $this->user();			if (empty($user)) {				return null;			}		} elseif (is_object($user) && is_a($user, 'Model')) {			if (!$user->exists()) {				return null;			}			$user = $user->read();			$user = $user[$this->userModel];		} elseif (is_array($user) && isset($user[$this->userModel])) {			$user = $user[$this->userModel];		}		if (is_array($user) && (isset($user[$this->fields['username']]) || isset($user[$this->userModel . '.' . $this->fields['username']]))) {			if (isset($user[$this->fields['username']]) && !empty($user[$this->fields['username']])  && !empty($user[$this->fields['password']])) {				if (trim($user[$this->fields['username']]) == '=' || trim($user[$this->fields['password']]) == '=') {					return false;				}				$find = array(					$this->userModel.'.'.$this->fields['username'] => $user[$this->fields['username']],					$this->userModel.'.'.$this->fields['password'] => $user[$this->fields['password']]				);			} elseif (isset($user[$this->userModel . '.' . $this->fields['username']]) && !empty($user[$this->userModel . '.' . $this->fields['username']])) {				if (trim($user[$this->userModel . '.' . $this->fields['username']]) == '=' || trim($user[$this->userModel . '.' . $this->fields['password']]) == '=') {					return false;				}				$find = array(					$this->userModel.'.'.$this->fields['username'] => $user[$this->userModel . '.' . $this->fields['username']],					$this->userModel.'.'.$this->fields['password'] => $user[$this->userModel . '.' . $this->fields['password']]				);			} else {				return false;			}			$model =& $this->getModel();			$data = $model->find(array_merge($find, $conditions), null, null, 0);			if (empty($data) || empty($data[$this->userModel])) {				return null;			}		} elseif (is_numeric($user)) {			$model =& $this->getModel();			$data = $model->find(array_merge(array($model->escapeField() => $user), $conditions));			if (empty($data) || empty($data[$this->userModel])) {				return null;			}		}		if (isset($data) && !empty($data)) {			if (!empty($data[$this->userModel][$this->fields['password']])) {				unset($data[$this->userModel][$this->fields['password']]);			}			return $data[$this->userModel];		} else {			return null;		}	}/** * Hash any passwords found in $data using $userModel and $fields['password'] * * @param array $data Set of data to look for passwords * @return array Data with passwords hashed * @access public */	function hashPasswords($data) {		if (is_object($this->authenticate) && method_exists($this->authenticate, 'hashPasswords')) {			return $this->authenticate->hashPasswords($data);		}		if (isset($data[$this->userModel])) {			if (isset($data[$this->userModel][$this->fields['username']]) && isset($data[$this->userModel][$this->fields['password']])) {				$data[$this->userModel][$this->fields['password']] = $this->password($data[$this->userModel][$this->fields['password']]);			}		}		return $data;	}/** * Hash a password with the application's salt value (as defined with Configure::write('Security.salt'); * * @param string $password Password to hash * @return string Hashed password * @access public */	function password($password) {		return Security::hash($password, null, true);	}/** * Component shutdown.  If user is logged in, wipe out redirect. * * @param object $controller Instantiating controller * @access public */	function shutdown(&$controller) {		if ($this->_loggedIn) {			$this->Session->del('Auth.redirect');		}	}}?>

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?