Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more ➡
Download
Standard view
Full view
of .
Add note
Save to My Library
Sync to mobile
Look up keyword or section
Like this
5Activity
×

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
Core Components

Core Components

Ratings:

5.0

(1)
|Views: 2,343|Likes:
Published by prak_sophy4252
CakePHP has a number of built-in components. They provide out of the box functionality for several commonly used tasks. ACl, Auth, Session, RequestHandler, Security, Email, Cookie
CakePHP has a number of built-in components. They provide out of the box functionality for several commonly used tasks. ACl, Auth, Session, RequestHandler, Security, Email, Cookie

More info:

Published by: prak_sophy4252 on Dec 18, 2008
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See More
See less

10/16/2011

pdf

text

original

 
1.2 Collection1.1 CollectionGeneral
Welcome to The Cookbook 
CakePHPAPIDocsBakeryLiveForgeTracSearch
 
The Manual»Core Components 
5 Core Components
EditComments (0)History 
CakePHP has a number of built
-
in components. They provide out of the boxfunctionality for several commonly used tasks.To learn more about each component see the menu on the left, or learn moreaboutcreating your own components
.
 See comments for this section 
5.1Access Control Lists
EditView just this sectionComments (2)History 
CakePHP's access control list functionality is one of the most oft
-
discussed,most likely because it is the most sought after, but also because it can be themost confusing. If you're looking for a good way to get started with ACLs ingeneral, read on.Be brave and stick with it, even if the going gets rough. Once you get the hangof it, it's an extremely powerful tool to have on hand when developing yourapplication.
 
See comments for this section 
5.1.1Understanding How ACL Works
EditView just this sectionComments (0)History 
The Acl component provides an easy to use interface for database and ini based access control lists.
The auth component provides an easy to use authentication system using a variety of authenticationprocesses, such as controller callbacks,Acl, or Objectcallbacks.
The session component provides a storage independentwrapper to PHP's sessions.
RequestHandler
The request handler allows you to introspect further intothe requests your visitors and inform your applicationabout the content types and requested information.
Security
The security component allows you to set tighter securityand use and manage HTTP authentication.
Email
An interface that can be used to send emails usingone of several mail transfer agents including php's mail() andsmtp.
Cookie
The cookie component behaves in a similar fashion to theSessionComponent in that it provides a wrapper for PHP'snative cookie support.
Table of Contents:The
Manual
 
1 Beginning With
CakePHP
 2 Basic Principles of 
CakePHP
 3 Developing with
CakePHP
 4 Common Tasks With
CakePHP
 5 Core Components5.1 Access ControlLists 5.2 Authentication 5.3 Cookies 
5.4 Email
 5.5 Request Handling 5.6 SecurityComponent 5.7 Sessions 6 Core Behaviors 7 Core Helpers 8 Core Utility Libraries 9 Core ConsoleApplications 10 Example Applications 11 Appendices 
Options
All in one page Suggest a new sectionhere 
Feeds
Comments for CoreComponents Change history for CoreComponents 
LoginTop ContributorsTodoAbout CakePHPDonate
 
Powerful things require access control. Access control lists are a way to manageapplication permissions in a fine
-
grained, yet easily maintainable andmanageable way.Access control lists, or ACL, handle two main things: things that want stuff, andthings that are wanted. In ACL lingo, things (most often users) that want touse stuff are called access request objects, or AROs. Things in the system thatare wanted (most often actions or data) are called access control objects, orACOs. The entities are called 'objects' because sometimes the requesting objectisn't a person
-
sometimes you might want to limit the access certain Cakecontrollers have to initiate logic in other parts of your application. ACOs could beanything you want to control, from a controller action, to a web service, to a lineon your grandma's online diary.To review:ACO
-
Access Control Object
-
Something that is wantedARO
-
Access Request Object
-
Something that wants somethingEssentiallly, ACL is what is used to decide when an ARO can have access to anACO.In order to help you understand how everything works together, let's use asemi
-
practical example. Imagine, for a moment, a computer system used by afamiliar group of fantasy novel adventurers from the
Lord of the Rings
. Theleader of the group, Gandalf, wants to manage the party's assets whilemaintaining a healthy amount of privacy and security for the other members of the party. The first thing he needs to do is create a list of the AROs involved:Gandalf AragornBilboFrodoGollumLegolas
Gimli
 PippinMerryRealize that ACL is
not
the same as authentication. ACL is what happens
after
a user has been authenticated. Although the two are usually usedin concert, it's important to realize the difference between knowing whosomeone is (authentication) and knowing what they can do (ACL).The next thing Gandalf needs to do is make an initial list of things, or ACOs, thesystem will handle. His list might look something like:WeaponsThe One RingSalted PorkDiplomacyAleTraditionally, systems were managed using a sort of matrix, that showed abasic set of users and permissions relating to objects. If this information werestored in a table, it might look like the following table:
Weapons
The Ring
Salted PorkDiplomacyAle
 
At first glance, it seems that this sort of system could work rather well.Assignments can be made to protect security (only Frodo can access the ring)and protect against accidents (keeping the hobbits out of the salted pork andweapons). It seems fine grained enough, and easy enough to read, right?For a small system like this, maybe a matrix setup would work. But for agrowing system, or a system with a large amount of resources (ACOs) andusers (AROs), a table can become unwieldy rather quickly. Imagine trying tocontrol access to the hundreds of war encampments and trying to managethem by unit. Another drawback to matrices is that you can't really logicallygroup sections of users or make cascading permissions changes to groups of users based on those logical groupings. For example, it would sure be nice toautomatically allow the hobbits access to the ale and pork once the battle isover: Doing it on an individual user basis would be tedious and error prone.Making a cascading permissions change to all 'hobbits' would be easy.ACL is most usually implemented in a tree structure. There is usually a tree of AROs and a tree of ACOs. By organizing your objects in trees, permissions canstill be dealt out in a granular fashion, while still maintaining a good grip on thebig picture. Being the wise leader he is, Gandalf elects to use ACL in his newsystem, and organizes his objects along the following lines:Fellowship of the Ring™WarriorsAragornLegolas
Gimli
 WizardsGandalf HobbitsFrodoBilboMerryPippinVisitorsGollumUsing a tree structure for AROs allows Gandalf to define permissions that applyto entire groups of users at once. So, using our ARO tree, Gandalf can tack on afew group
-
based permissions:Fellowship of the Ring
(
Deny
: all)
 Warriors
(
Allow
: Weapons, Ale, Elven Rations, Salted Pork)AragornLegolas
Gandalf 
AllowAllowAllow
Aragorn
 
AllowAllowAllowAllow
Bilbo
 
Allow
Frodo
AllowAllow
Gollum
 
Allow
Legolas
AllowAllowAllowAllow
Gimli
 
AllowAllow
Pippin
 
AllowAllow
Merry
Allow

Activity (5)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
syedrahman01 liked this
swapna246 liked this
Fredzex liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->