From fafb17e6e93c90a5b646acca851a10d15e48f0f2 Mon Sep 17 00:00:00 2001 From: sakaguchi Date: Fri, 22 May 2026 16:11:03 +0900 Subject: [PATCH 1/2] =?UTF-8?q?fix=20#4274=20=E3=80=90=E3=82=B7=E3=82=B9?= =?UTF-8?q?=E3=83=86=E3=83=A0=E3=80=91=E7=AE=A1=E7=90=86=E7=94=BB=E9=9D=A2?= =?UTF-8?q?URL=E3=82=92=E5=A4=89=E6=9B=B4=E3=81=97=E3=81=A6=E3=81=84?= =?UTF-8?q?=E3=82=8B=E5=A0=B4=E5=90=88=E3=80=81=E3=83=A6=E3=83=BC=E3=82=B6?= =?UTF-8?q?=E3=83=BC=E3=82=B0=E3=83=AB=E3=83=BC=E3=83=97=E3=81=AE=E3=82=A2?= =?UTF-8?q?=E3=82=AF=E3=82=BB=E3=82=B9=E3=83=AB=E3=83=BC=E3=83=AB=E3=81=8C?= =?UTF-8?q?=E6=AD=A3=E3=81=97=E3=81=8F=E6=A9=9F=E8=83=BD=E3=81=97=E3=81=AA?= =?UTF-8?q?=E3=81=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/Service/PermissionsService.php | 29 ++++++++++--------- .../Service/PermissionsServiceTest.php | 15 ++++++++++ 2 files changed, 31 insertions(+), 13 deletions(-) diff --git a/plugins/baser-core/src/Service/PermissionsService.php b/plugins/baser-core/src/Service/PermissionsService.php index f4b26a5dea..5af88865ea 100644 --- a/plugins/baser-core/src/Service/PermissionsService.php +++ b/plugins/baser-core/src/Service/PermissionsService.php @@ -28,7 +28,6 @@ use BaserCore\Annotation\Checked; use BaserCore\Annotation\Note; use Cake\Routing\Router; -use Cake\Utility\Inflector; /** * Class PermissionsService @@ -493,14 +492,6 @@ private function checkGroup( if ($type === 1) return true; } - // URLのプレフィックスを標準の文字列に戻す - foreach(Configure::read('BcPrefixAuth') as $key => $value) { - $prefixAreas = Configure::read('BcApp.' . Inflector::variable($key) . 'Prefix'); - if(!$prefixAreas) continue; - $regex = '/^' . preg_quote('/' . Configure::read('BcApp.baserCorePrefix') . '/' . $prefixAreas . '/', '/') . '/'; - $url = preg_replace($regex, '/baser/' . Inflector::underscore($key) . '/', $url); - } - return $this->isAuthorized($prefixAuthSetting['permissionType'], $url, $method, $groupPermission); } @@ -555,10 +546,22 @@ public function convertRegexUrl(string $url) $url = str_replace('{loginUserId}', $user->id, $url); } } - $prefix = BcUtil::getPrefix(); - if($prefix !== '/baser/admin') { - $url = preg_replace('/^\/baser\/admin/', BcUtil::getPrefix(), $url); - } + $baserCorePrefix = BcUtil::getBaserCorePrefix(); + $adminPrefix = BcUtil::getAdminPrefix(); + $apiPrefix = Configure::read('BcApp.apiPrefix'); + // DB に保存された標準プレフィックス(/baser/api/admin, /baser/admin)を + // .env の設定値に基づく実際のプレフィックスに変換する + $url = preg_replace( + [ + '/^\/baser\/' . preg_quote($apiPrefix, '/') . '\/admin/', + '/^\/baser\/admin/', + ], + [ + '/' . $baserCorePrefix . '/' . $apiPrefix . '/' . $adminPrefix, + '/' . $baserCorePrefix . '/' . $adminPrefix, + ], + $url + ); $pattern = preg_quote($url, '/'); $pattern = str_replace('\*', '.*?', $pattern); return '/^' . str_replace('\/.*?', '(|\/.*?)', $pattern) . '$/is'; diff --git a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php index f54b3fa175..8727c5161e 100644 --- a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php +++ b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php @@ -513,6 +513,21 @@ public function testConvertRegexUrl(): void $expected = '/^\/admin\/posts(|\/.*?)$/is'; $result = $this->PermissionsService->convertRegexUrl($url); $this->assertEquals($expected, $result); + + // DB保存の標準プレフィックス(/baser/admin)が実際のプレフィックスに変換されることを確認 + $baserCorePrefix = BcUtil::getBaserCorePrefix(); + $adminPrefix = BcUtil::getAdminPrefix(); + $apiPrefix = Configure::read('BcApp.apiPrefix'); + + $url = '/baser/admin/baser-core/contents/index'; + $expected = '/^\/' . preg_quote($baserCorePrefix . '/' . $adminPrefix . '/baser-core/contents/index', '/') . '$/is'; + $result = $this->PermissionsService->convertRegexUrl($url); + $this->assertEquals($expected, $result); + + $url = '/baser/api/admin/baser-core/contents/index.json'; + $expected = '/^\/' . preg_quote($baserCorePrefix . '/' . $apiPrefix . '/' . $adminPrefix . '/baser-core/contents/index.json', '/') . '$/is'; + $result = $this->PermissionsService->convertRegexUrl($url); + $this->assertEquals($expected, $result); } /** From 4b181125758aa5627fcaef2f10e0b513a2ca4691 Mon Sep 17 00:00:00 2001 From: sakaguchi Date: Fri, 29 May 2026 11:51:46 +0900 Subject: [PATCH 2/2] =?UTF-8?q?fix=20#4274=20=E3=80=90=E3=82=B7=E3=82=B9?= =?UTF-8?q?=E3=83=86=E3=83=A0=E3=80=91=E7=AE=A1=E7=90=86=E7=94=BB=E9=9D=A2?= =?UTF-8?q?URL=E3=82=92=E5=A4=89=E6=9B=B4=E3=81=97=E3=81=A6=E3=81=84?= =?UTF-8?q?=E3=82=8B=E5=A0=B4=E5=90=88=E3=80=81=E3=83=A6=E3=83=BC=E3=82=B6?= =?UTF-8?q?=E3=83=BC=E3=82=B0=E3=83=AB=E3=83=BC=E3=83=97=E3=81=AE=E3=82=A2?= =?UTF-8?q?=E3=82=AF=E3=82=BB=E3=82=B9=E3=83=AB=E3=83=BC=E3=83=AB=E3=81=8C?= =?UTF-8?q?=E6=AD=A3=E3=81=97=E3=81=8F=E6=A9=9F=E8=83=BD=E3=81=97=E3=81=AA?= =?UTF-8?q?=E3=81=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugins/baser-core/src/Service/PermissionsService.php | 8 +++++--- .../tests/TestCase/Service/PermissionsServiceTest.php | 11 ++++++----- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/plugins/baser-core/src/Service/PermissionsService.php b/plugins/baser-core/src/Service/PermissionsService.php index 5af88865ea..8de0531c6c 100644 --- a/plugins/baser-core/src/Service/PermissionsService.php +++ b/plugins/baser-core/src/Service/PermissionsService.php @@ -547,8 +547,10 @@ public function convertRegexUrl(string $url) } } $baserCorePrefix = BcUtil::getBaserCorePrefix(); - $adminPrefix = BcUtil::getAdminPrefix(); $apiPrefix = Configure::read('BcApp.apiPrefix'); + $adminPrefix = BcUtil::getAdminPrefix(); + $apiAdminAlias = Configure::read('BcPrefixAuth.Api/Admin.alias') ?: '/' . $apiPrefix . '/admin'; + $adminAlias = Configure::read('BcPrefixAuth.Admin.alias') ?: '/' . $adminPrefix; // DB に保存された標準プレフィックス(/baser/api/admin, /baser/admin)を // .env の設定値に基づく実際のプレフィックスに変換する $url = preg_replace( @@ -557,8 +559,8 @@ public function convertRegexUrl(string $url) '/^\/baser\/admin/', ], [ - '/' . $baserCorePrefix . '/' . $apiPrefix . '/' . $adminPrefix, - '/' . $baserCorePrefix . '/' . $adminPrefix, + '/' . $baserCorePrefix . $apiAdminAlias, + '/' . $baserCorePrefix . $adminAlias, ], $url ); diff --git a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php index 8727c5161e..61c87278ba 100644 --- a/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php +++ b/plugins/baser-core/tests/TestCase/Service/PermissionsServiceTest.php @@ -514,20 +514,21 @@ public function testConvertRegexUrl(): void $result = $this->PermissionsService->convertRegexUrl($url); $this->assertEquals($expected, $result); - // DB保存の標準プレフィックス(/baser/admin)が実際のプレフィックスに変換されることを確認 + // DB保存の標準プレフィックスが実際のprefix aliasに変換されることを確認 $baserCorePrefix = BcUtil::getBaserCorePrefix(); - $adminPrefix = BcUtil::getAdminPrefix(); - $apiPrefix = Configure::read('BcApp.apiPrefix'); + $adminAlias = Configure::read('BcPrefixAuth.Admin.alias'); + $apiAdminAlias = Configure::read('BcPrefixAuth.Api/Admin.alias'); $url = '/baser/admin/baser-core/contents/index'; - $expected = '/^\/' . preg_quote($baserCorePrefix . '/' . $adminPrefix . '/baser-core/contents/index', '/') . '$/is'; + $expected = '/^\/' . preg_quote($baserCorePrefix . $adminAlias . '/baser-core/contents/index', '/') . '$/is'; $result = $this->PermissionsService->convertRegexUrl($url); $this->assertEquals($expected, $result); $url = '/baser/api/admin/baser-core/contents/index.json'; - $expected = '/^\/' . preg_quote($baserCorePrefix . '/' . $apiPrefix . '/' . $adminPrefix . '/baser-core/contents/index.json', '/') . '$/is'; + $expected = '/^\/' . preg_quote($baserCorePrefix . $apiAdminAlias . '/baser-core/contents/index.json', '/') . '$/is'; $result = $this->PermissionsService->convertRegexUrl($url); $this->assertEquals($expected, $result); + } /**