Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
technical:rba-adjust [2025/06/09 04:36] systemtechnical:rba-adjust [2025/06/13 09:54] (current) system
Line 20: Line 20:
  
 ===== RBA in CakePHP ===== ===== RBA in CakePHP =====
 +  * Each controller in CakePHP has various methods that are called.
 +  * These methods are recorded in a config file with the convention **Rba** + contoller name + **.php**.
 +  * Refer to the RbaPermanentUsers.php here:
 +<code php>
 +<?php
 +
 +$config = [];
 +$config['RbaPermanentUsers'] = [
 +    'admin'     => ['*'],
 +    'view'      => [
 +        'exportCsv',
 +        'index',
 +       //'add',
 +       //'import',
 +      //'delete',
 +        'viewBasicInfo',
 +      //'editBasicInfo',
 +        'viewPersonalInfo',
 +      //'editPersonalInfo',
 +        'privateAttrIndex',
 +      //'privateAttrAdd',
 +      //'privateAttrEdit',
 +      //'privateAttrDelete',
 +      //'restrictListOfDevices',
 +      //'autoMacOnOff',
 +        'viewPassword',
 +      //'changePassword',
 +      //'emailUserDetails',
 +        'enableDisable',
 +      
 +        //Buttons
 +        //'btnRadius',
 +        //'btnGraph',
 +        //'btnByod',
 +        //'btnTopup',
 +    ],
 +    'granular'  => [
 +        'exportCsv',
 +        'index',
 +        'add',
 +        'import',
 +        'delete',
 +        'viewBasicInfo',
 +        'editBasicInfo',
 +        'viewPersonalInfo',
 +        'editPersonalInfo',
 +        'privateAttrIndex',
 +        'privateAttrAdd',
 +        'privateAttrEdit',
 +        'privateAttrDelete',
 +        'restrictListOfDevices',
 +        'autoMacOnOff',
 +        'viewPassword',
 +        'changePassword',
 +        'emailUserDetails',
 +        'enableDisable',
 +        
 +        //Buttons
 +        'btnRadius',
 +        'btnGraph',
 +        'btnByod',
 +        'btnTopup',
 +    ],
 +    'logActions'    => true,    //Flag to set if we want to actions logged
 +    'logExcludes'   => [
 +        'index'
 +    ]
 +];
 +
 +return $config;
 +?>
 +</code>
 +  * The file returns an array called **$config** with a key that matches the filename without **.php**.
 +  * In our sample it is **RbaPermanentUsers**.
 +  * The value of this key in turn contains an array with the following keys:
 +    - **admin**: Typically contains a wildcard array.
 +    - **view**: Contains an array with all the methods / actions in the controller you want to apply RBA to. Some might be commented out to show they are not available to the **view** role.
 +    - **granular**: Contains an array with all the methods / actions in the controller you want to apply RBA to. Some might be commented out to show they are not available to the **operator** role.
 +    - **logActions**: Specify if actions on this controller needs to be recorded in a log.
 +    - **logExcludes**: Specify which actions should be excluded from the log records.
 +
 +----------------
 +
 +==== Special entries 'btn' ====
 +  * You might have noticed there are entries under a heading **Buttons**.
 +  * These are special entries that are uses to show or hide certain buttons on the applet for an admin role.
 +  * If for instance you do not want to show the Topup button, you can simply comment that entry out.
 +  * The Topup button will then not be included.
 +
 +--------------
 +
 +===== Components involved with RBA =====
 +
 +==== AaComponent ====
 +  * The AaComponent will check if there is a RBA config file and then apply any restrictions on the role that needs to be applied with a informative error message.
 +
 +--------------
 +
 +==== GridButtonsRbaComponent ====
 +  * The GridButtonsRbaComponent will check if there is a RBA config file and use that to construct the buttons on the applet's toolbar.
 +
 +
 +
 +
 +
 +
  • technical/rba-adjust.1749436568.txt.gz
  • Last modified: 2025/06/09 04:36
  • by system