我正在使用CakePHP开发一个restful API,我正在尝试实现一个自定义授权,授权用户使用ACL,代码看起来像
<?php
App::uses('BaseAuthorize', 'Controller/Component/Auth');
class ApiAuthorize extends BaseAuthorize {
public function authorize($user, CakeRequest $request) {
$allowed = false;
$Acl = $this->_Collection->load('Acl');
list($plugin, $userModel) = pluginSplit($this->settings['userModel']);
$action = $this->action($request);
$cacheName = 'permissions_' . strval($user['id']);
if (($permissions = Cache::read($cacheName, 'permissions')) === false) {
$permissions = array();
Cache::write($cacheName, $permissions, 'permissions');
}
if (!isset($permissions[$action])) {
$User = ClassRegistry::init($this->settings['userModel']);
$User->id = $user['id'];
$allowed = $Acl->check($User, $action);
$permissions[$action] = $allowed;
Cache::write($cacheName, $permissions, 'permissions');
$hit = false;
} else {
$allowed = $permissions[$action];
$hit = true; …