You can install this plugin into your CakePHP application using composer.
The recommended way to install composer packages is:
composer require ivanamat/cakephp3-aclmanager
git submodule add git@github.com:ivanamat/cakephp3-aclmanager.git plugins/AclManager
git submodule init
git submodule update
Download the .zip or .tar.gz file, unzip and rename the plugin folder "cakephp3-aclmanager" to "AclManager" then copy the folder to your plugins folder.
- Install the CakePHP ACL plugin by running composer require cakephp/acl. Read Acl plugin documentation.
- Include the Acl and AclManager plugins in app/config/bootstrap.php
Plugin::load('Acl', ['bootstrap' => true]);
Plugin::load('AclManager', ['bootstrap' => true, 'routes' => true]);Warning: It is not recommended to use Plugin::loadAll();. if you use Plugin::loadAll(); make sure it will not load any plugin several times with Plugin::load('PluginName').
To create ACL related tables, run the following Migrations command:
bin/cake migrations migrate -p Acl
An example schema:
CREATE TABLE `groups` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE `roles` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`group_id` int(11) DEFAULT NULL,
`name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`group_id` int(11) NOT NULL,
`role_id` int(11) NOT NULL,
`username` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`password` char(255) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`),
UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;See AclManager/config/bootstrap.php.
AclManager.aros : write in there your requester models aliases (the order is important).
Include and configure the AuthComponent and the AclComponent in the AppController
public $components = [
'Acl' => [
'className' => 'Acl.Acl'
]
];
$this->loadComponent('Auth', [
'authorize' => [
'Acl.Actions' => ['actionPath' => 'controllers/']
],
'loginAction' => [
'plugin' => false,
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => [
'plugin' => false,
'controller' => 'Posts',
'action' => 'index'
],
'logoutRedirect' => [
'plugin' => false,
'controller' => 'Users',
'action' => 'login'
],
'unauthorizedRedirect' => [
'plugin' => false,
'controller' => 'Users',
'action' => 'login',
'prefix' => false
],
'authError' => 'You are not authorized to access that location.',
'flash' => [
'element' => 'error'
]
]);Add $this->addBehavior('Acl.Acl', ['type' => 'requester']); to the initialize function in the files src/Model/Table/GroupsTable.php, src/Model/Table/RolesTable.php and src/Model/Table/UsersTable.php
public function initialize(array $config) {
parent::initialize($config);
$this->addBehavior('Acl.Acl', ['type' => 'requester']);
}Add the following implementation of parentNode to the file src/Model/Entity/Group.php:
public function parentNode()
{
return null;
}Add the following implementation of parentNode to the file src/Model/Entity/Role.php:
public function parentNode() {
if (!$this->id) {
return null;
}
if (isset($this->group_id)) {
$groupId = $this->group_id;
} else {
$Users = TableRegistry::get('Users');
$user = $Users->find('all', ['fields' => ['group_id']])->where(['id' => $this->id])->first();
$groupId = $user->group_id;
}
if (!$groupId) {
return null;
}
return ['Groups' => ['id' => $groupId]];
}Add the following implementation of parentNode to the file src/Model/Entity/User.php:
public function parentNode() {
if (!$this->id) {
return null;
}
if (isset($this->role_id)) {
$roleId = $this->role_id;
} else {
$Users = TableRegistry::get('Users');
$user = $Users->find('all', ['fields' => ['role_id']])->where(['id' => $this->id])->first();
$roleId = $user->role_id;
}
if (!$roleId) {
return null;
}
return ['Roles' => ['id' => $roleId]];
}Now navigate to /AclManager/Acl, update your acos and your aros or just click Restore to default and enjoy!
- AclManager::arosBuilder Needs always Groups, Roles and Users, it must be read from Configure::read('AclManager.aros');.
- Aro search engine
When the arosBuilder issue is solved, you will be able to configure the plugin in different ways, using only the models that you want, as example only Roles and Users or Groups and Users.
CakePHP 3.x - Acl Manager is a single plugin for CakePHP 3.x based on the original idea of Frédéric Massart (FMCorz) for CakePHP 2.x and getting help from some idea of Jean-Christophe Pires (JcPires).
Iván Amat on GitHub