[pLog-svn] r4108 - in plog/trunk/class: action action/admin
controller
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Mon Oct 9 09:03:14 GMT 2006
Author: oscar
Date: 2006-10-09 09:03:13 +0000 (Mon, 09 Oct 2006)
New Revision: 4108
Added:
plog/trunk/class/action/admin/adminpermissionrequiredaction.class.php
Modified:
plog/trunk/class/action/action.class.php
plog/trunk/class/action/admin/adminnewlinkaction.class.php
plog/trunk/class/controller/admincontroller.class.php
plog/trunk/class/controller/controller.class.php
Log:
This should provide all the necessary hooks in the Controller and Action classes to implement a permission-based system. Now
all action classes have to do is implement the Action::canPerform() method so that the user credentials are checked,
and return true or false depending on whether the user can proceed or not.
Modified: plog/trunk/class/action/action.class.php
===================================================================
--- plog/trunk/class/action/action.class.php 2006-10-08 21:27:01 UTC (rev 4107)
+++ plog/trunk/class/action/action.class.php 2006-10-09 09:03:13 UTC (rev 4108)
@@ -317,5 +317,18 @@
$this->_isSuccess = $success;
$this->_form->setFormIsValid( $success );
}
+
+ /**
+ * This method will be executed to check whether this action can be executed or not. This means
+ * that this method will be executed before the perform() method. If this method returns 'false',
+ * the controller will then load the action defined via the Controller::setCannotPerformAction()
+ *
+ * @return True if the controller is allowed to call the Action::perform() action or not.
+ * @see Controller
+ */
+ function canPerform()
+ {
+ return( true );
+ }
}
?>
Modified: plog/trunk/class/action/admin/adminnewlinkaction.class.php
===================================================================
--- plog/trunk/class/action/admin/adminnewlinkaction.class.php 2006-10-08 21:27:01 UTC (rev 4107)
+++ plog/trunk/class/action/admin/adminnewlinkaction.class.php 2006-10-09 09:03:13 UTC (rev 4108)
@@ -52,6 +52,6 @@
// better to return true if everything fine
return true;
- }
+ }
}
?>
Added: plog/trunk/class/action/admin/adminpermissionrequiredaction.class.php
===================================================================
--- plog/trunk/class/action/admin/adminpermissionrequiredaction.class.php 2006-10-08 21:27:01 UTC (rev 4107)
+++ plog/trunk/class/action/admin/adminpermissionrequiredaction.class.php 2006-10-09 09:03:13 UTC (rev 4108)
@@ -0,0 +1,20 @@
+<?php
+
+ lt_include( PLOG_CLASS_PATH."class/action/admin/adminaction.class.php" );
+ lt_include( PLOG_CLASS_PATH."class/view/admin/adminerrorview.class.php" );
+
+ /**
+ * This is the action loaded every time there is a problem with permissions
+ *
+ * @see Controller::setCannotPerformAction()
+ */
+ class AdminPermissionRequiredAction extends AdminAction
+ {
+ function perform()
+ {
+ $this->_view = new AdminErrorView( $this->_blogInfo );
+ $this->_view->setMessage( $this->_locale->tr( "error_permission_required" ));
+ $this->setCommonData();
+ }
+ }
+?>
\ No newline at end of file
Modified: plog/trunk/class/controller/admincontroller.class.php
===================================================================
--- plog/trunk/class/controller/admincontroller.class.php 2006-10-08 21:27:01 UTC (rev 4107)
+++ plog/trunk/class/controller/admincontroller.class.php 2006-10-09 09:03:13 UTC (rev 4108)
@@ -35,7 +35,11 @@
$this->Controller( $actionMap, $defaultActionParam );
$this->setActionFolderPath( PLOG_CLASS_PATH.'class/action/admin/' );
- $this->setActionFolderPath( PLOG_CLASS_PATH.'class/action/admin/chooser/' );
+ $this->setActionFolderPath( PLOG_CLASS_PATH.'class/action/admin/chooser/' );
+
+ // set the 'fallback' action in case a user does not have enough permissions
+ // to execute an action
+ $this->setCannotPerformAction( "AdminPermissionRequiredAction" );
}
/**
Modified: plog/trunk/class/controller/controller.class.php
===================================================================
--- plog/trunk/class/controller/controller.class.php 2006-10-08 21:27:01 UTC (rev 4107)
+++ plog/trunk/class/controller/controller.class.php 2006-10-09 09:03:13 UTC (rev 4108)
@@ -127,6 +127,11 @@
* Determines the base path from where action files can be dynamically loaded
*/
var $actionFolderPath;
+
+ /**
+ * @private
+ */
+ var $_cannotPerformAction;
/**
* $ActionsMap is an associative array of the form:
@@ -146,9 +151,7 @@
* to identify the action to be taken
*/
function Controller( $actionMap, $actionParam = DEFAULT_ACTION_PARAM )
- {
-
-
+ {
global $_plogController_actionMap;
if( !is_array($_plogController_actionMap))
$_plogController_actionMap = Array();
@@ -164,6 +167,9 @@
// get a resource loader so that we can dynamically load classes if they
// have not been loaded yet!
$this->_loader =& ResourceClassLoader::getLoader( $this->actionFolderPath );
+
+ // no action defined in case we cannot perform
+ $this->_cannotPerformAction = null;
}
/**
@@ -247,6 +253,26 @@
return true;
}
+
+ /**
+ * Specific controllers should use this method to set a class that will be used in case
+ * Action::canPerform() return false. The controller will then load this class and execute
+ * it as if it was a normal action.
+ * This feature can be used to display a view with an error message in case our controller
+ * and actions are working together to provide permission-based access: each action checks whether
+ * the credentials of the current user allow him to execute the current action or not in
+ * the Action::canPeform() method and if it returns true, then the action specified in this method
+ * call takes over and displays whatever error message needs to be displayed (or does some
+ * cleanup, etc, whatever needed)
+ *
+ * @param actionClass A string with the name of the class that should be loaded when
+ * Action::canPerform() returns false. Please note that this is the name of the class, not the
+ * class object itself!
+ */
+ function setCannotPerformAction( $actionClass )
+ {
+ $this->_cannotPerformAction = $actionClass;
+ }
/**
* Processess the HTTP request sent by the client
@@ -303,15 +329,28 @@
$actionInfo = new ActionInfo( $this->_actionParam, $actionName );
$actionObject = new $actionClass( $actionInfo, $httpRequest );
$actionObject->setPreviousAction( $_plogController_previousAction );
-
- // we can use the validate method to check the values of the form variables. If validate()
- // returns 'true', then we call the 'perform' method. If not, then we won't :)
- if( $actionObject->validate()) {
- if( $actionObject->perform())
- $actionObject->setSuccess( true );
- else
- $actionObject->setSuccess( false );
- }
+
+ if( $actionObject->canPerform()) {
+ // we can use the validate method to check the values of the form variables. If validate()
+ // returns 'true', then we call the 'perform' method. If not, then we won't :)
+ if( $actionObject->validate()) {
+ if( $actionObject->perform())
+ $actionObject->setSuccess( true );
+ else
+ $actionObject->setSuccess( false );
+ }
+ }
+ else {
+ // check that we have an action defined for this kind of situations
+ if( $this->_cannotPerformAction === null ) {
+ throw( new Exception( "Action ".$actionName." was not allowed to execute and there is no fallback action to execute" ));
+ die();
+ }
+ $actionClass = $this->_cannotPerformAction;
+ $this->loadActionClass( $actionClass );
+ $actionObject = new $actionClass( $actionInfo, $httpRequest );
+ $actionObject->perform();
+ }
}
$i++;
More information about the pLog-svn
mailing list