我需要CakePHP中的帮助 - 简单身份验证和授权应用程序教程
public function isAuthorized($user) {
// All registered users can add posts
if ($this->action === 'add') {
return true;
}
// The owner of a post can edit and delete it
if (in_array($this->action, array('edit', 'delete'))) {
$postId = $this->request->params['pass'][0];
if ($this->Post->isOwnedBy($postId, $user['id'])) {
return true;
}
}
return parent::isAuthorized($user);
}
这一部分我不知道这意味着什么,我已经在谷歌搜索但我找不到
$this->Post->isOwnedBy($postId, $user['id'])
答案 0 :(得分:5)
isOwnedBy是帖子模型Post.php中的一个功能,它会覆盖AppController's isAuthorized函数,以了解该用户是否发布了帖子。如果没有,则允许他访问add操作,否则允许访问add,edit,delete
阅读本文了解更多详情Cake book- authorization-who-s-allowed-to-access-what