Giter Site home page Giter Site logo

jmcneese / permissionable Goto Github PK

View Code? Open in Web Editor NEW
50.0 50.0 8.0 334 KB

A CakePHP 1.3 plugin that provides UNIX-like row-level permissions for model data.

Home Page: http://jmcneese.wordpress.com/2010/01/28/rmac-is-dead-long-live-rmac/

License: MIT License

PHP 100.00%

permissionable's People

Contributors

andrewmcc avatar jmcneese avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar

permissionable's Issues

$this->Model->find('list'); fails on models with permissionable attached

When trying to do a $this->Model->find('list'); on a model that has the permissionable beavior attached it fails with the following SQL error: (this is for a model called Location

Warning (512): SQL Error: 1051: Unknown table 'LocationPermissionBit' [CORE/cake/libs/model/datasources/dbo_source.php, line 684]
Query: SELECT `Location`.`id`, `Location`.`name`, `LocationPermissionBit`.* FROM `locations` AS `Location`   WHERE 1 = 1    

Saving HABTM

HABTM saving is not working, the record is created, the permissions are created, but the join table record isn't.

hasOne not automatically bound when calling $Model::find('list');

I'm trying to do this:

$this->Group->find('list');

and my SQL is coming out like this:

SELECT Group.id, Group.name, GroupPermission.* FROM groups AS Group WHERE 1 = 1

In permisssionable/models/behaviors/permissionable.php, when I debugged the $Model before and after this line of the beforeFind() function:

$this->_bind($Model, array( ... ));

the $Model did not and then did have a 'hasOne' binding to GroupPermission however for some reason it isn't being applied to the ->find('list') query.

I tried to do a $this->Group->find('all'); and that did work as expected.

I'm calling $this->Group from my users_controller where I have:

var $uses = array('User', 'Group');

I have User HABTM Group and Group HABTM User defined in the appropriate model files.

not sure if this is Permissionable or Cakephp, but I get a sql warning on $this->paginate

SELECT COUNT() AS count, GroupPermission., Group.id FROM groups AS Group INNER JOIN permissions AS GroupPermission ON (GroupPermission.model = 'Group' AND GroupPermission.foreignId = Group.id AND ((GroupPermission.perms & 512 <> 0) OR (((GroupPermission.perms & 64 <> 0) AND (GroupPermission.foreignId IN ('member---0123-4567-89ab-000000000002', 'member---0123-4567-89ab-000000000003')))) OR (((GroupPermission.perms & 8 <> 0) AND (GroupPermission.gid IN ('member---0123-4567-89ab-000000000002', 'member---0123-4567-89ab-000000000003')))) OR (((GroupPermission.perms & 1 <> 0) AND (GroupPermission.oid = '12345678-1111-0000-0000-venice------'))))) LEFT JOIN users AS Owner ON (Group.user_id = Owner.id) WHERE 1 = 1

SQL warning:

1140: Mixing of GROUP columns (MIN(),MAX(),COUNT(),...) with no GROUP columns is illegal if there is no GROUP BY clause

drops belongsTo relationships when fields=>null

example:
$this->Model->read(null, $id)

fix:

    if (is_array($queryData['fields'])) {

        $queryData['fields'][] = "{$alias}.*";

    } elseif(!empty($queryData['fields'])) {

        $queryData['fields'] = array(
            $queryData['fields'],
            "{$alias}.*"
        );

    } else {
        $queryData['fields'] = array(
            "{$Model->alias}.*",
            "{$alias}.*"
        );

// add this line in behavior to fix
if (isset($Model->belongsTo)) {
$belongsToModels = array_keys($Model->belongsTo);
foreach( $belongsToModels as $belongsTo_alias ){
$queryData['fields'][] = $belongsTo_alias.'.*';
}
}

    }

Web UI for setting permissions on object rows

We could really use a web ui for setting the permissions on a row. I envision a ajax interface that would be searchable and allow for multi records to be updated if possible. I'd be willing to work on this if there is enough interest in it.

Unknown column 'PostPermission.foreign_id'

Trying out Permissionable on a sandbox that's based on the manual's ACL-controlled app tutorial over a 1.3.2 core. I've set up the behavior on the Post model and the component on the Post controller. The post index issues this warning at the top:

SQL Error: 1054: Unknown column 'PostPermission.foreign_id' in 'on clause'

The related query is:

SELECT 
  COUNT(*) AS `count`, 
  `PostPermission`.* 

FROM `posts` AS `Post` 

LEFT JOIN `users` AS `User` 
ON (`Post`.`user_id` = `User`.`id`) 
INNER JOIN `aros_acos` AS `PostPermission` 
ON 
(
  `PostPermission`.`foreign_id` = `Post`.`id` 
  AND `PostPermission`.`model` = 'Post' 
  AND `PostPermission`.`foreign_id` = `Post`.`id` 
  AND 
  (
    (`PostPermission`.`perms` & 4 <> 0) OR (((`PostPermission`.`perms` & 32 <> 0) AND (`PostPermission`.`gid` = '3'))) OR (((`PostPermission`.`perms` & 256 <> 0) AND (`PostPermission`.`uid` = '3')))
  )
) 
WHERE 1 = 1 

My aros_acos does not contain foreign_id or anything like it (id, aro_id, aco_id, _create, _read, _update, _delete). The closest is that both acos and aros contains foreign_key fields, though they're all null in acos (uses aliases).

Is Permissionable based upon some other implementation of ACL than what's in the release version of 1.3.x?

Fail to save data because of missing bind

I had an issue getting data saved using Permissionable. Using a sandbox of the manual's ACL-controlled application on a 1.3.2 core, and after changing some names used by Permissionable (http://github.com/jmcneese/permissionable/issues/#issue/7), the add operation failed with the error:

Undefined property: Post::$PostPermission [APP\plugins\permissionable\models\behaviors\permissionable.php, line 205]

I think that means the Permissionable model/behavior isn't correctly associated to the calling model in the afterSave method. I tested this idea by adding $this->bind($Model); before the several potential calls to _ $Model->{$alias}->*. (I put mine on line 202.) Data then saved correctly.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.