mediaプラグイン応用(11) アップロードユーザ情報の追加
Mediaプラグインは、どのユーザがアップロードしたかの情報を保管しません。
そのため、別のユーザがアップロードしたファイルであっても、IDを正しく指定すれば削除できてしまいます。
attachmentsテーブルにuser_idを追加して、ファイル保存時の登録とファイル削除時の権限チェックを追加しました。
ユーザID追加
user_idのカラムを追加して、attachmentsテーブルを作成しなおします。
mysql> DESCRIBE attachments; +-------------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +-------------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | user_id | int(10) unsigned | NO | MUL | NULL | | | model | varchar(255) | NO | MUL | NULL | | | foreign_key | int(10) | NO | | NULL | | | dirname | varchar(255) | YES | | NULL | | | basename | varchar(255) | NO | | NULL | | | checksum | varchar(255) | NO | | NULL | | | alternative | varchar(50) | YES | | NULL | | | group | varchar(255) | YES | | NULL | | | created | datetime | YES | | NULL | | | modified | datetime | YES | | NULL | | +-------------+------------------+------+-----+---------+----------------+ 12 rows in set (0.00 sec)
$fieldListにuser_idカラムを追加します。
app/controllers/users_controller.php
function edit_image() { ï¼ä¸ç¥ï¼ $fieldList = array( + 'user_id', 'model', 'foreign_key', 'dirname', 'basename', 'checksum', 'group', 'alternative', 'file', ); if ($this->User->saveAll($this->data, array(
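Review bot: Adding `'user_id'` to `$fieldList` makes the ownership column writable from `$this->data`, so a `user_id` value posted with the form becomes eligible to be saved unless something overwrites it first. The `beforeSave()` shown later on the page overwrites it only when the session holds an Auth user id and the row is not flagged for deletion, which leaves a posted value in place otherwise. I would strip the field from the attachment rows in the controller before the save and record why it is whitelisted, e.g. `// user_id is whitelisted only so the model can persist the session user's id; a posted value must never reach saveAll()`. The rest of `edit_image()` and the `saveAll()` call continue outside this excerpt, so the exact shape of the attachment rows in `$this->data` should be confirmed there.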
Mediaプラグインのモデルに、Userとの関連付け（$belongsTo)と、beforeSave()でuser_idのセットを追加します。
モデルからAuthコンポーネントの認証情報は参照が複雑になるので、セッション情報からユーザIDをセットしました。
app/plugins/media/models/attachment_ex.php
+ var $belongsTo = array(
+ 'User' => array(
+ 'className' => 'User',
+ 'foreignKey' => 'user_id',
+ 'conditions' => '',
+ 'fields' => '',
+ 'order' => ''
+ )
+ );
(ä¸ç¥ï¼
+ function beforeSave() {
+ if (!isset($this->data['Attachment']['delete'])) {
+ // ç»é²è ID
+ if (isset($_SESSION['Auth']['User']['id']) &&
+ (!isset($this->data[$this->alias]['delete']) || $this->data[$this->alias]['delete'] === '0')
+ $this->data[$this->alias]['user_id'] = $_SESSION['Auth']['User']['id'];
+ }
+ }
+
+ return parent::beforeSave();
+ }
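Review bot: The inner `if` in `beforeSave()` does not parse as shown: the condition that starts with `isset($_SESSION['Auth']['User']['id'])` is never closed and has no opening brace, so it needs `) {` after `=== '0')` to match the two closing braces that follow. The guard also mixes the hard-coded `'Attachment'` key with `$this->alias`; when the alias is `Attachment`, the outer `!isset(...['delete'])` already makes the inner `!isset(...)` true and the `=== '0'` branch unreachable, so a single test on `$this->alias` would be clearer. The save also continues when no Auth user is in the session, leaving `user_id` either client-supplied or unset. I would fail closed inside the outer `if` with `if (empty($_SESSION['Auth']['User']['id'])) { return false; }` before assigning the owner. The class body between `$belongsTo` and `beforeSave()` is elided on the page.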
これで、attachmentsに実行者のユーザIDが登録されるようになります。
mysql> SELECT id, user_id, model, foreign_key, basename FROM attachments\G *************************** 1. row *************************** id: 26 user_id: 1 model: User foreign_key: 1 basename: 4b876687-fefc-4fc4-9c1e-0a72c0a80b08.jpg *************************** 2. row *************************** id: 27 user_id: 25 model: User foreign_key: 25 basename: 4b876695-6720-4aa3-ad7f-0a77c0a80b08.jpg 2 rows in set (0.00 sec)
削除権限チェック
削除前のユーザIDチェックは、MediaプラグインのモデルにbeforeDeleteを追加して、その中で行ないます。
+ function beforeDelete($cascade = true) {
+ if (!isset($this->data['Attachment']['id']) || empty($this->data['Attachment']['id'])) {
+ return false;
+ }
+ $result = $this->find('first', array(
+ 'conditions' => array('id' => $this->data['Attachment']['id']),
+ 'fields' => array('user_id'),
+ 'recursive' => -1,
+ ));
+
+ if ($result["Attachment"]["user_id"] != $_SESSION['Auth']['User']['id']) {
+ return false;
+ }
+
+ return parent::beforeDelete($cascade);
+ }
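Review bot: The ownership test `$result["Attachment"]["user_id"] != $_SESSION['Auth']['User']['id']` fails open, because both sides can be missing or zero-like: `find()` may return no row, the session may hold no Auth user, and loose `!=` treats `null`, `0` and `'0'` as equal, so the delete is allowed in those cases. Rows saved without a session user could carry `user_id` 0 (the column is NOT NULL with no default, so this depends on the SQL mode), which is the value an unauthenticated request would match. I would reject first with `if (empty($result[$this->alias]['user_id']) || empty($_SESSION['Auth']['User']['id'])) { return false; }` and then compare both ids cast to `(int)` with `!==`. The `'Attachment'` key is also hard-coded here while `beforeSave()` uses `$this->alias`. A denied delete should be logged, since the page notes that saveAll() reports no error when this callback returns false.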
beforeDelete()でfalseを返すと、削除は行なわれませんがsaveAll()はエラーにならないので、これ単独ではコントローラ側でエラーメッセージ表示などは行なわれません。
今回は、エラーメッセージ表示は特に要らないと判断しましたが、メッセージが欲しい場合は、コントローラかバリデーション段階でのチェックの方が要ります。