gleez / cms

GleezCMS - A Light, Simple, Flexible Content Management System

www.gleezcms.org

206 stars 83 forks source link

ACL 2.0 #61

Closed sergeyklay closed 11 years ago

sergeyklay commented 11 years ago

I have some ideas on ACL... I think I could improve it. Let me move it in a separate module (may be Gleez ACL) to improve it

sandeepone commented 11 years ago

Can you explain your ideas if possible?

sergeyklay commented 11 years ago

First, I think it is wrong that in the absence of access, triggered exception or throws (403, 404, etc.). But I think we need to to log such events. Maybe, if the user is not logged in, it makes sense to redirect the authentication page

sandeepone commented 11 years ago

Many cases we need to throw 404 or 403 and in few cases we need to redirect to login form if not logged in.

sergeyklay commented 11 years ago

In general, the fundamental idea is to add ability a callback method as an argument to ACL::required()

sandeepone commented 11 years ago

I think we can add ACL::redirect cases where we need redirect to another page or login

sergeyklay commented 11 years ago

I looked similar implementation in Zend and Symfony and I found that we could borrow a something

sergeyklay commented 11 years ago

Maybe worth paying attention to the ready-made solutions for similar problems:

Wouterrr / ACL — ACL for Kohana (based on Zend_ACL)
synapsestudios / kohana-acl — Request-based ACL Module for Ko3, Auth, and ORM
NeZanyat / kohanaACL — More powerful ACL system for Kohana
smgladkovskiy / ACL Kohana — Access Controll List module
morgan / kohana-deputy — Powerful Kohana ACL designed with the minimalist in mind
anroots / kohana-db-acl — Database-based ACL module for Kohana 3.3
banks / aacl — Another ACL for Kohana 3
ener / Kohana-ACL — ACL for Kohana 3.0.8
StefanRHRO / KohanaACL — A little Access Control List (ACL) Module for Kohana

sergeyklay commented 11 years ago

Hi all!

@sandeepone

I have some ideas about ACL 2.0 that you can look at this url: https://gist.github.com/sergeyklay/5075595

Here's one way how we can use this: https://gist.github.com/sergeyklay/5075608 But this is not the only change in the ACL class, and this is beta version

I seriously reworked the code and add new methods. And I'm interested in your opinion

@dishuostec

If you have anything to add - it would be good

Best regards,

sergeyklay commented 11 years ago

128

sergeyklay commented 11 years ago

also see: 68b60b7123f9fbeae4dc5cf5d44edb666f7cf140 5da99fe01d17a4a955ecdc7b78c24afd7442d33f a4b8b0339004b84e6e40add048a7f6161e4783fa 0abe2a3a545c67b714d14ad60ae53ab058057bef d35b32604178cfb80721886886195deef7f4ead0

sandeepone commented 11 years ago

Sorry, I didn't follow this issue, but we've covered most of the things.

sergeyklay commented 11 years ago

yep!