tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-03 09:59:32 +02:00
Code Issues Projects Releases Wiki Activity
552cf5944d
silverstripe-framework/docs/en/02_Developer_Guides/02_Controllers/03_Access_Control.md
Michael Pritchard fdbd899766 DOC Update SilverStripe to Silverstripe CMS 
- Remaining Developer Guides and Upgrading
- SilverStripe in a namespace or api has not been change
- To keep PRs easier no formatting was changed

Update merge conflics with two files

Update Silverstripe Ltd, Silverstripe Cloud and Silverstripe CMS

Silverstripe CMS Ltd > Silverstripe Ltd
Silverstripe CMS Platform > Silverstripe Cloud
Silverstripe CMS Framework > Silverstripe CMS

Resolve merge conflict

Remove Framework from Silverstripe CMS Framework

- 3 files

Change SilverStripe CMS to Silverstripe CMS
2021-07-30 13:54:15 +01:00

238 lines
5.1 KiB
Markdown
Raw Blame History

---
title: Access Control
summary: Define allowed behavior and add permission based checks to your Controllers.
icon: user-lock
---
# Access Control
Within your controllers you should declare and restrict what people can see and do to ensure that users cannot run
actions on the website they shouldn't be able to.
## Allowed Actions
Any action you define on a controller must be defined in a `$allowed_actions` static array. This prevents users from
directly calling methods that they shouldn't.
```php
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [
// someaction can be accessed by anyone, any time
'someaction',
// So can otheraction
'otheraction' => true,
// restrictedaction can only be people with ADMIN privilege
'restrictedaction' => 'ADMIN',
// restricted to uses that have the 'CMS_ACCESS_CMSMain' access
'cmsrestrictedaction' => 'CMS_ACCESS_CMSMain',
// complexaction can only be accessed if $this->canComplexAction() returns true.
'complexaction' => '->canComplexAction',
// complexactioncheck can only be accessed if $this->canComplexAction("MyRestrictedAction", false, 42) is true.
'complexactioncheck' => '->canComplexAction("MyRestrictedAction", false, 42)',
];
}
```
[info]
If the permission check fails, Silverstripe CMS will return a `403` Forbidden HTTP status.
[/info]
An action named "index" is white listed by default, unless `allowed_actions` is defined as an empty array, or the action
is specifically restricted.
```php
use SilverStripe\Control\Controller;
class MyController extends Controller
{
public function index()
{
// allowed without an $allowed_action defined
}
}
```
`$allowed_actions` can be defined on `Extension` classes applying to the controller.
```php
use SilverStripe\Core\Extension;
class MyExtension extends Extension
{
private static $allowed_actions = [
'mycustomaction'
];
}
```
Only public methods can be made accessible.
```php
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [
'secure',
// secureaction won't work as it's private.
];
public function secure()
{
// ..
}
private function secureaction()
{
// ..
}
}
```
If a method on a parent class is overwritten, access control for it has to be redefined as well.
```php
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [
'action',
];
public function action()
{
// ..
}
}
class MyChildController extends MyController
{
private static $allowed_actions = [
'action', // required as we are redefining action
];
public function action()
{
}
}
```
[notice]
Access checks on parent classes need to be overwritten via the [Configuration API](../configuration).
[/notice]
## Forms
Form action methods should **not** be included in `$allowed_actions`. However, the form method **should** be included
as an `allowed_action`.
```php
use SilverStripe\Forms\Form;
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [
'ContactForm' // use the Form method, not the action
];
public function ContactForm()
{
return new Form(..);
}
public function doContactForm($data, $form)
{
// ..
}
}
```
## Action Level Checks
Each method responding to a URL can also implement custom permission checks, e.g. to handle responses conditionally on
the passed request data.
```php
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [
'myaction'
];
public function myaction($request)
{
if(!$request->getVar('apikey')) {
return $this->httpError(403, 'No API key provided');
}
return 'valid';
}
}
```
[notice]
This is recommended as an addition for `$allowed_actions`, in order to handle more complex checks, rather than a
replacement.
[/notice]
## Controller Level Checks
After checking for allowed_actions, each controller invokes its `init()` method, which is typically used to set up
common state, If an `init()` method returns a `HTTPResponse` with either a 3xx or 4xx HTTP status code, it'll abort
execution. This behavior can be used to implement permission checks.
[info]
`init` is called for any possible action on the controller and before any specific method such as `index`.
[/info]
```php
use SilverStripe\Security\Permission;
use SilverStripe\Control\Controller;
class MyController extends Controller
{
private static $allowed_actions = [];
public function init()
{
parent::init();
if(!Permission::check('ADMIN')) {
return $this->httpError(403);
}
}
}
```
## Related Documentation
* [Security](../security)
## API Documentation
* [Controller](api:SilverStripe\Control\Controller)
Reference in New Issue View Git Blame Copy Permalink