Ok, I modified the UsersController like this:

    public function isAuthorized($user) {
        if (parent::isAuthorized($user)) {
            return true;
        }

        if (in_array($this->action, array('edit', 'delete'))) {
            if ($this->User->id == $this->Session->read('Auth.User.id')) {
                return true;
            }
        }
        return false;
    }

I don't get the notice anymore, BUT users still can edit themselves: any try for editing will redirect to the index.

So: Admin can edit anyone, users can't edit any profiles. I just need to find out how to allow them editing their own.

I thought this would check if the user ID was the same as the id stored when logged:

    if ($this->User->id == $this->Session->read('Auth.User.id')) {
        return true;
    }

but it doesn't seem to work.

Any help? Thanks a lot.

On 15 jan, 11:38, "J." <contact.mysparet...@gmail.com> wrote:
> I think I'm near the solution, but I need help for finishing the
> code:
>
> Here is my app controller:
>
> public function isAuthorized($user) {
>     if (isset($user['role']) && $user['role'] === 'admin') {
>         return true; //Admin can access every action
>     }
>     return false; // The rest don't
> }
>
> function beforeFilter() {
>     $this->Auth->allow('index', 'view');
>     $this->Auth->allow('display');
> }
>
> And my UsersController:
>
> public function isAuthorized($user) {
>     if (parent::isAuthorized($user)) {
>         return true;
>     }
>
>     if (in_array($this->action, array('edit', 'delete'))) {
>         if ($user['User']['id'] == $this->Session->read('Auth.User.id')) {
>             return true;
>         }
>     }
>
>     return false;
> }
>
> With this code, Admin can edit everyone, but when a logged user tries
> to edit himself, I get this notice:
>
> Notice (8): Undefined index: User [APP/Controller/UsersController.php, line 60]
> Code Context
>
> if (in_array($this->action, array('edit', 'delete'))) {
>     if ($user['User']['id'] == $this->Session->read('Auth.User.id')) {
>
> UsersController::isAuthorized() - APP/Controller/UsersController.php, line 60
> ControllerAuthorize::authorize() - CORE/Cake/Controller/Component/Auth/ControllerAuthorize.php, line 64
> AuthComponent::isAuthorized() - CORE/Cake/Controller/Component/AuthComponent.php, line 379
> AuthComponent::startup() - CORE/Cake/Controller/Component/AuthComponent.php, line 330
> ObjectCollection::trigger() - CORE/Cake/Utility/ObjectCollection.php, line 103
> Controller::startupProcess() - CORE/Cake/Controller/Controller.php, line 606
> Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 104
> Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 89
> [main] - APP/webroot/index.php, line 96
>
> Any idea what I should add next? Perhaps in my User Model? Many
> thanks!
>
> On 14 jan, 19:44, Salines <nikola.parad...@gmail.com> wrote:
> > I think you have the answer in one of these videos
> >
> > http://www.youtube.com/results?search_query=cakephp+auth
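
Added example, not part of the thread and not code from any poster or from CakePHP itself: a framework-free model of the ownership check the thread is working toward, comparing the record id requested in the URL with the logged-in user's id and denying by default. It assumes the record id is the first positional URL argument (as in /users/edit/7, which a CakePHP 2.x controller exposes as `$this->request->params['pass'][0]`) and that `$user` is the flat Auth.User array, which is what the "Undefined index: User" notice above indicates; the function name `isAuthorizedFor` and the sample data are hypothetical.

```php
<?php
// Added example: models the decision an isAuthorized($user) method has to make.
// $user   - flat Auth.User array as passed by AuthComponent (keys 'id', 'role', ...)
// $action - requested action name (in a controller: $this->action)
// $passed - positional URL arguments (in a controller: $this->request->params['pass'])
function isAuthorizedFor(array $user, string $action, array $passed): bool
{
    // Admins may run every action (same rule as the AppController in the thread).
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true;
    }
    // Only edit and delete are opened up to non-admins, and only on their own record.
    if (!in_array($action, array('edit', 'delete'), true)) {
        return false;
    }
    // Fail closed when the URL carries no usable record id or the session has none.
    if (!isset($passed[0], $user['id']) || !ctype_digit((string) $passed[0])) {
        return false;
    }
    // Compare the record being requested with the logged-in user's own id.
    return (int) $passed[0] === (int) $user['id'];
}

// Constructed sample sessions and requests: user, action, URL args, expected decision.
$admin = array('id' => 1, 'role' => 'admin');
$alice = array('id' => 7, 'role' => 'user');
$cases = array(
    array($admin, 'edit',   array('7'),    true),  // admin edits anyone
    array($alice, 'edit',   array('7'),    true),  // user 7 requests /users/edit/7
    array($alice, 'edit',   array('8'),    false), // someone else's profile
    array($alice, 'delete', array(),       false), // no id in the URL
    array($alice, 'edit',   array('7abc'), false), // malformed id
    array(array('User' => $alice), 'edit', array('7'), false), // nested array has no top-level id
);
foreach ($cases as $case) {
    list($user, $action, $passed, $expected) = $case;
    $got = isAuthorizedFor($user, $action, $passed);
    printf("%-6s %-8s => %s%s\n", $action, json_encode($passed),
        $got ? 'allow' : 'deny', $got === $expected ? '' : '  (UNEXPECTED)');
}
```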