The last line allows admin users to access all areas. Other roles are
limited to their respective prefixed routes.

Add admin=>false to your html->link calls.

On 18/04/2011, MeatSandwich <i...@babyclothingcentral.co.uk> wrote:
> Sorry for being a bit of a dumb-ass but I'm trying to learn and have
> been looking at this for a couple of days but I'm still not completely
> sure how it works. I'm following an offline tutorial about using
> prefixes.
>
> the tutorial says do this:
> 1 - uncomment the admin routing prefix in core.php
> 2 - add the following to users_controller.php:
>       public function dashboard() {
>               $role = $this->Auth->user('role');
>               if (!empty($role)) {
>                       $this->redirect(array($role=>true, 'action'=>'dashboard'));
>               }
>       }
>
>       public function admin_dashboard() {
>       }
>
>       public function manager_dashboard() {
>       }
>
> 3 - create three views for the above
> 4 - in app_controller add the authorize and session components with
> appropriate settings, then add:
>       public function isAuthorized() {
>               $role = $this->Auth->user('role');
>               $neededRole = null;
>               $prefix = !empty($this->params['prefix']) ? $this->params['prefix'] : null;
>               if (!empty($prefix) && in_array($prefix, Configure::read('Routing.prefixes'))) {
>                       $neededRole = $prefix;
>               }
>               return (empty($neededRole) || strcasecmp($role, 'admin') == 0 || strcasecmp($role, $neededRole) == 0);
>       }
>
> 5 - in the default layout:
> <?php
>       $dashboardUrl = array('controller'=>'users', 'action'=>'dashboard');
>       if (!empty($user['role'])) {
>               $dashboardUrl[$user['role']] = true;
>       }
>       echo $this->Html->link('My Dashboard', $dashboardUrl);
> ?>
>
>
> Now the whole thing works and I can follow most of what's going on, but
> I'm confused with the last line in the isAuthorized method. What
> exactly does return (empty($neededRole) || strcasecmp($role, 'admin')
> == 0 || strcasecmp($role, $neededRole) == 0); actually return?
>
> Also, the above code works fine and when I log in as someone who is an
> admin they can view the admin_dashboard ok, but thereafter it seems
> any other link has an admin prefix. How do I stop that happening? I
> don't want to have to create an admin_ method for everything including
> the homepage!
>
> thanks in advance - Cake rules!
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> cake-php+unsubscr...@googlegroups.com For more options, visit this group at
> http://groups.google.com/group/cake-php
>


-- 
 - S

+44 (0)7908 069 219
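
The check discussed in this thread, as an added example that is not part of the original messages: a stand-alone PHP model of the quoted isAuthorized() return expression, evaluated over constructed role/prefix pairs. The function name isAuthorizedFor, the prefix list and the 'staff' prefix are assumptions made for illustration.

```php
<?php
// Stand-alone model of the isAuthorized() logic quoted in the thread.
// $prefixes stands in for Configure::read('Routing.prefixes') (assumed values).
function isAuthorizedFor($role, $prefix, array $prefixes)
{
    $neededRole = null;
    // Only a prefix registered in Routing.prefixes imposes a role requirement.
    if (!empty($prefix) && in_array($prefix, $prefixes)) {
        $neededRole = $prefix;
    }
    // Casts avoid passing null to strcasecmp() on newer PHP versions.
    return empty($neededRole)                             // unprefixed action: no role needed
        || strcasecmp((string) $role, 'admin') == 0       // admin passes every prefix
        || strcasecmp((string) $role, $neededRole) == 0;  // role must equal the prefix
}

$prefixes = array('admin', 'manager');

// Constructed cases: user role, prefix of the requested action, expected result.
$cases = array(
    array('admin',   'admin',   true),
    array('admin',   'manager', true),   // admin is allowed into other roles' areas
    array('manager', 'manager', true),
    array('Manager', 'manager', true),   // strcasecmp() compares case-insensitively
    array('manager', 'admin',   false),  // non-admin role on the admin prefix
    array('manager', null,      true),   // no prefix: falls through to "allowed"
    array(null,      'manager', false),  // user record without a role
    array('manager', 'staff',   true),   // prefix absent from the list: not enforced
);

foreach ($cases as $case) {
    list($role, $prefix, $expected) = $case;
    $actual = isAuthorizedFor($role, $prefix, $prefixes);
    if ($actual !== $expected) {
        throw new Exception('Unexpected result for ' . var_export($case, true));
    }
    printf(
        "role=%-10s prefix=%-10s => %s\n",
        var_export($role, true),
        var_export($prefix, true),
        $actual ? 'allowed' : 'denied'
    );
}
```

The last two rows are the ones to review in a real application: a user with no role is denied on prefixed routes only, and a prefix that is not listed in Routing.prefixes imposes no role requirement at all.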
