duanlan7903 2014-05-30 19:16

错误的重定向CakePHP

Redirect AuthComponent::$unauthorizedRedirect

When a user requests an action they are not permitted to access, the `_unauthorized` method redirects to the wrong URL.

correct: localhost / project / index

where it actually redirects: localhost / project / project / index

I am using acl

AppController.php

<?php
App::uses('Controller', 'Controller');
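/**
 * Application-wide base controller.
 *
 * Configures AuthComponent (Blowfish authentication, ACL "Actions"
 * authorization) and, for every non-admin request, derives the list of
 * actions that may be reached from the permissions stored for the
 * current role.
 *
 * Security notes for maintainers:
 * - AuthComponent treats `allowedActions` as actions that need no login.
 *   The list is built from the ACL grants of the current role, and
 *   visitors without a session are mapped to role 9, so every grant
 *   given to role 9 is effectively public.
 * - All ACL lookups below fail closed: a missing ARO or ACO node yields
 *   an empty allow list instead of a query with a NULL condition.
 * - NOTE(review): 'DebugKit.Toolbar' is loaded unconditionally; confirm
 *   it stays inactive when debug is 0 in production.
 */
class AppController extends Controller {

    public $components = array('Acl','Session','DebugKit.Toolbar','RequestHandler','Auth');
    public $helpers = array('Html','Form','Session');
    public $uses = array('Role');

    // Role id of the current visitor (see getRoleId()).
    public $roleId;

    // Role record loaded for $roleId in beforeFilter().
    public $UAP;

    // Primary key of the ARO row bound to the current role, or null when none exists.
    public $aroId;

    /**
     * Configures AuthComponent and computes the allowed actions for the request.
     *
     * @return mixed whatever Controller::beforeFilter() returns
     */
    public function beforeFilter()
    {
        if ($this->Session->check('Config.language')) {
            Configure::write('Config.language', $this->Session->read('Config.language'));
        }
        $this->Auth->authorize = array(
            AuthComponent::ALL => array('actionPath' => 'controllers/','userModel' => 'Role'),
            'Actions',
            );
        $this->Auth->authenticate = array(
            'Blowfish' => array(
                'userModel' => 'User'
                )
            );
        if (!$this->_isAdmin()) {
            $this->roleId = $this->getRoleId();
            $this->UAP = $this->Role->find('first', array('conditions' => array('Role.id' => $this->roleId)));
            $aro = $this->Acl->Aro->find('first', array(
                'conditions' => array(
                    'Aro.model' => 'Role',
                    'Aro.foreign_key' => $this->roleId)));
            // A role without an ARO row must not produce an undefined-index
            // notice; leave aroId null so the permission lookup grants nothing.
            $this->aroId = isset($aro['Aro']['id']) ? $aro['Aro']['id'] : null;
            // 'display' (static pages) is always reachable, on top of the ACL grants.
            $allow = array_merge($this->_getAllowed(), array('display'));
            $this->Auth->allowedActions = $allow;
        }
        //Configure AuthComponent
        $this->Auth->loginAction = array(
            'controller' => 'users',
            'action' => 'login'
            );
        $this->Auth->logoutRedirect = array(
            'controller' => 'users',
            'action' => 'login'
            );
        $this->Auth->loginRedirect = array(
            'controller' => 'pages',
            'action' => 'display',
            'home'
            );
        // NOTE(review): unauthorizedRedirect is not set here, so AuthComponent
        // picks the target for denied requests itself. Setting it to a fixed
        // route array keeps that target independent of request data.
        $this->Auth->authError = __('Not Authorized');
        return parent::beforeFilter();
    }

    /**
     * Maps permitted ACO ids to action names.
     *
     * @param array|null $actionsIds ACO ids the role may use; looked up when null
     * @param array|null $controllerActions map of ACO id => action alias; looked up when null
     * @return array list of action names
     */
    protected function _getAllowed($actionsIds = null, $controllerActions = null){
        if (is_null($actionsIds)) {
            $actionsIds = $this->_getAllowedActionsIds();
        }
        if (is_null($controllerActions)) {
            $controllerActions = $this->_getControllerActions();
        }
        $allow = array();
        foreach ($actionsIds as $acoId) {
            // Skip ids that are not actions of this controller instead of
            // pushing null (and raising a notice) into the allow list.
            if (isset($controllerActions[$acoId])) {
                $allow[] = $controllerActions[$acoId];
            }
        }
        return $allow;
    }

    /**
     * Returns the ACO ids out of a permission list.
     *
     * @param array|null $allowedActions map of permission id => aco_id; looked up when null
     * @return array list of ACO ids
     */
    protected function _getAllowedActionsIds($allowedActions = null){
        if (is_null($allowedActions)) {
            $allowedActions = $this->_getAllowedActions();
        }
        return array_values($allowedActions);
    }

    /**
     * Finds permission rows that grant create, read, update and delete.
     *
     * Only rows attached directly to the given ARO are matched; the query
     * does not look at parent AROs or parent ACOs.
     *
     * @param mixed $aroId ARO id; defaults to $this->aroId
     * @param mixed $acoId ACO id or list of ids; defaults to this controller's actions
     * @return array map of permission id => aco_id, empty when nothing can match
     */
    protected function _getAllowedActions($aroId = null, $acoId = null){
        if (is_null($aroId)) {
            $aroId = $this->aroId;
        }
        if (is_null($acoId)) {
            $acoId = $this->_getControllerActionsIds();
        }
        // Fail closed: without a requester or without any candidate action
        // there is nothing to grant, so do not run a query whose conditions
        // would contain NULL or an empty list.
        if (is_null($aroId) || $acoId === array()) {
            return array();
        }
        $result = $this->Acl->Aco->Permission->find('list', array(
            'conditions' => array(
                'Permission.aro_id' => $aroId,
                'Permission.aco_id' => $acoId,
                'Permission._create' => 1,
                'Permission._read' => 1,
                'Permission._update' => 1,
                'Permission._delete' => 1,
                ),
            'fields' => array('id','aco_id'),
            'recursive' => '-1'));
        return $result;
    }

    /**
     * Returns the ACO ids of the controller's actions.
     *
     * @param array|null $controllerActions map of ACO id => action alias; looked up when null
     * @return array list of ACO ids
     */
    protected function _getControllerActionsIds($controllerActions = null){
        if (is_null($controllerActions)) {
            $controllerActions = $this->_getControllerActions();
        }
        return array_keys($controllerActions);
    }

    /**
     * Lists the child ACOs (actions) of a controller node.
     *
     * @param mixed $node result of an ACO node lookup; looked up for this controller when null
     * @return array map of ACO id => alias, empty when the node is missing
     */
    protected function _getControllerActions($node = null){
        if (is_null($node)) {
            $node = $this->_getNodeController();
        }
        // A failed node lookup would otherwise turn the condition into
        // "parent_id IS NULL" and return unrelated top-level ACOs.
        if (empty($node['0']['Aco']['id'])) {
            return array();
        }
        return $this->Acl->Aco->find(
            'list', array(
                'conditions' => array('Aco.parent_id' => $node['0']['Aco']['id']),
                'fields' => array('Aco.id','Aco.alias'),
                'recursive' => '-1',
                ));
    }

    /**
     * Looks up the ACO node for this controller under "controllers/".
     *
     * @return mixed result of Aco::node() for "controllers/<controller name>"
     */
    protected function _getNodeController(){
        return $this->Acl->Aco->node("controllers/{$this->name}");
    }

    /**
     * Tells whether the logged-in user has role 1 and, if so, opens every action.
     *
     * Side effect: for role 1 this calls Auth->allow() without arguments,
     * so the ACL "Actions" authorizer is not consulted for that request.
     * The loose comparison is kept so role ids stored as strings still match.
     *
     * @return bool true when the current user has role_id 1
     */
    protected function _isAdmin(){
        if ($this->Auth->user() && $this->Auth->user('role_id') == 1) {
            $this->Auth->allow();
            return true;
        }
        return false;
    }

    /**
     * Returns the role id of the current visitor.
     *
     * @return mixed the session user's role_id, or 9 when there is none
     */
    public function getRoleId(){
        $roleId = $this->Auth->user('role_id');
        if (!is_null($roleId)) {
            return $roleId;
        }
        return 9; // Unregistered user
    }
}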
?>

  • dongshuxi3105 2014-12-04 11:36

    Ok, I found the answer for this. Dude, you can just add an `unauthorizedRedirect` setting to the Auth component in AppController like this:

    // Component configuration for AppController. The Auth entry sets a fixed
    // route for requests that fail authorization.
    public $components = array(
            'Acl',
            'Auth' => array(
                // Authorize each request against the ACL tree rooted at "controllers".
                'authorize' => array(
                    'Actions' => array('actionPath' => 'controllers')
                ),
                // Flash message shown to the user when access is denied.
                'authError' => 'Did you really think you are allowed to see that?',
                // Explicit target for denied requests. The target action must itself
                // be reachable by the denied user, otherwise the redirect is denied again.
                // NOTE(review): in CakePHP 2 a routing prefix is normally switched off
                // with the prefix name (e.g. 'admin' => false) - confirm 'prefix' => false
                // has the intended effect here.
                'unauthorizedRedirect' => array(
                    'controller' => 'users',
                    'action' => 'index',
                    'prefix' => false)
            ),
            'Session'
        );
    

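    Here you can specify any redirect target for unauthorized requests, or a custom "unauthorized" page. With an explicit target, the redirect no longer depends on the URL the request came from.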
