I am just starting with CakePHP and maybe I misunderstand your
question, but can't you just get the list of permissions the logged-in
user has from the db (via groups_permissions/permissions tables?) and
use that to generate menu? You can also just make menu based on just
group memberships (not as dynamic, but fast)
BTW, some future features I'd love to see - multiple group memberships
as well as users_permissions mapping for giving permissions directly to
users. Also maybe a "guest" group, so that you can enable global
lockdown and treat non-logged in users as "guests" - in effect doing
deny all access unless logged in or action is in the "guest" group
permissions.
-M
Olivier Percebois-Garve wrote:
>
> 2. I'd like to gather the name of all the controller having restricted
> methods, and the names of the restricted methods ($othAuthRestrictions)
> in my layout. Basically I'm doing :
> if restricted build adminMenu
> else build userMenu
> Any ideas on how to achieve this ?
>
> olivvv
>
>
> Langdon Stevenson wrote:
> > Hi rombeh
> >
> > I have the following code in the controllers that I want to protect:
> > (note: extra $helpers and $components have been removed to simplify)
> >
> > class LeadersController extends AppController
> > {
> > var $name = 'Leaders'; //for php4
> >
> > var $helpers = array('othAuth');
> > var $components = array('othAuth');
> >
> > var $othAuthRestrictions = array('index');
> >
> > function beforeFilter()
> > {
> > $auth_conf = array('auto_redirect' => true,
> > 'login_page' => 'leaders/login',
> > 'logout_page' => 'leaders/logout',
> > 'access_page' => '/leaders',
> > 'hashkey' => 'mYpERsOnALhaSHkeY',
> > 'strict_gid_check' => false);
> >
> > $this->othAuth->controller = &$this;
> > $this->othAuth->init($auth_conf);
> > $this->othAuth->check();
> > }
> >
> > function index ()
> > {
> > // Action code ...
> > }
> > }
> >
> >
> > That is all that is required to add to the controller to protect the
> > index action, assuming that you have followed the othAuth setup
> > instructions and have the required classes and DB tables in place.
> >
> > As mentioned in my previous post I also have a permission in the
> > permission table like this:
> >
> > INSERT INTO `cake_permissions` VALUES (1,'leaders/index','2006-03-13
> > 23:19:31','0000-00-00 00:00:00');
> >
> > And a Groups-Permissions mapping that connects that permission to the
> > desired user's group.
> >
> > As a side note, you have to check that your User has the right group ID
> > assigned, and that their Active field is set to "1".
> >
> > Hope this is useful.
> >
> > Regards,
> > Langdon
> >
> >
> >
> >
> >
> >
> >
> > rombeh wrote:
> >
> >> hi Langdon Stevenson,
> >> Can u show me quick walkthrough (place some code too :D) in order to
> >> get it works
> >>
> >> thanks
> >>
> >
> > >
> >
> >
>
>
> --------------050902020402050200070309
> Content-Type: text/html; charset=ISO-8859-1
> X-Google-AttachSize: 3096
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
> <html>
> <head>
> <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
> </head>
> <body bgcolor="#ffffff" text="#000000">
> Wow. I see that there is more and more othAuth users. I've two issues
> I'm not sure how to tackle.<br>
> Just wanna to know if some peoples are sharing the same concerns (and
> if crazylegs thought about that for the new version) <br>
> <br>
> 1.Sometimes I hit the login page while its seems that I am already
> logged. if I fill in the right login, then I got back the message <br>
> that credentials are wrong. But n fact after that if I enter
> manually
> the url of a restricted method, I can access it. <br>
> I'm not sure how to reproduce this but it happened often during testing
> of code in restricted method. maybe it is related to my use<br>
> of requestAction.<br>
> <br>
> 2. I'd like to gather the name of all the controller having restricted
> methods, and the names of the restricted methods ($othAuthRestrictions)
> <br>
> in my layout. Basically I'm doing :<br>
> if restricted build adminMenu<br>
> else build userMenu<br>
> Any ideas on how to achieve this ?<br>
> <br>
> olivvv<br>
> <br>
> <br>
> Langdon Stevenson wrote:
> <blockquote cite="[EMAIL PROTECTED]" type="cite">
> <pre wrap="">Hi rombeh
>
> I have the following code in the controllers that I want to protect:
> (note: extra $helpers and $components have been removed to simplify)
>
> class LeadersController extends AppController
> {
> var $name = 'Leaders'; //for php4
>
> var $helpers = array('othAuth');
> var $components = array('othAuth');
>
> var $othAuthRestrictions = array('index');
>
> function beforeFilter()
> {
> $auth_conf = array('auto_redirect' => true,
> 'login_page' => 'leaders/login',
> 'logout_page' => 'leaders/logout',
> 'access_page' => '/leaders',
> 'hashkey' => 'mYpERsOnALhaSHkeY',
> 'strict_gid_check' => false);
>
> $this->othAuth->controller = &$this;
> $this->othAuth->init($auth_conf);
> $this->othAuth->check();
> }
>
> function index ()
> {
> // Action code ...
> }
> }
>
>
> That is all that is required to add to the controller to protect the
> index action, assuming that you have followed the othAuth setup
> instructions and have the required classes and DB tables in place.
>
> As mentioned in my previous post I also have a permission in the
> permission table like this:
>
> INSERT INTO `cake_permissions` VALUES (1,'leaders/index','2006-03-13
> 23:19:31','0000-00-00 00:00:00');
>
> And a Groups-Permissions mapping that connects that permission to the
> desired user's group.
>
> As a side note, you have to check that your User has the right group ID
> assigned, and that their Active field is set to "1".
>
> Hope this is useful.
>
> Regards,
> Langdon
>
>
>
>
>
>
>
> rombeh wrote:
> </pre>
> <blockquote type="cite">
> <pre wrap="">hi Langdon Stevenson,
> Can u show me quick walkthrough (place some code too :D) in order to
> get it works
>
> thanks
> </pre>
> </blockquote>
> <pre wrap=""><!---->
>
>
> </pre>
> </blockquote>
> <br>
> </body>
> </html>
>
> --------------050902020402050200070309--
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/cake-php
-~----------~----~----~----~------~----~------~--~---
