subject:"Auth\\\\\\\:\\\\\\\:authorize \\\\\\\- controller \\\\\\\-\\\\\\\- How to handle guests\\\\\\\?"

Re: Auth::authorize - controller -- How to handle guests?

2010-06-29 Thread Shaz

You can add $this-Auth-allowedActions = array('action');  to the
app_controller.php for all controllers rather than having to set it
for every single controller. Can't think of anything else other than
that.

On Jun 24, 2:52 pm, Melanie Sommer melanie-som...@mailinator.com
wrote:
 Hello,

 I am using AuthComponent with authorization from the controller. Thus
 my app_controller.php looks like

 ##
 class AppController extends Controller {
 var $components = array('Auth','RequestHandler');
 var $uses = array('User');
 public function beforeFilter(){
     $this-User-contain('Group');
     if(isset($this-Auth)){
         parent::beforeFilter();
         $this-Auth-authorize = 'controller';
     }}

 function isAuthorized(){
     $allowedActions = array(
         'model'  = array(
             'action' = array(id1,id2,id3)
             ...
         ...
         )
     $group_id = $this-Auth-user('group_id');
     if(isset($allowedActions[low($this-name)])){
         $controllerActions = $allowedActions[low($this-name)];
         if(isset($controllerActions[$this-action]) 
             in_array($group_id,$controllerActions[$this-action])){
             return true;
         }
         return false;
     }}
 }

 ##

 I would like to handle access of guests directly in the
 $allowedActions array.

 First I thought, I could simply check whether $this-Auth-user('group_id'); 
 returns a value and if not, set $group_id to a

 value that I use in the $allowedActions array for guest access.
 isAuthorized would then return true if the guest tries to access an
 allowed model/action and false if a prohibited model/action, just as
 it does for logged-in users.

 But the function isAuthorized() seems to be only called if a user is
 logged in, so this approach does not help me at all.

 I know that I can use
         public function beforeFilter(){
                 parent::beforeFilter();
                 $this-Auth-allowedActions = array('action');
         }
 in every controller for which I want some actions to be accessible for
 guests, but that is very inconvenient.

 Is there a way that cake calls isAuthorized even if no user is logged
 in (or set a parameter so that cake thinks a user is logged in)? (or
 an other, better way to solve this problem)

 Thank you for your help!
 Melanie

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Auth::authorize - controller -- How to handle guests?

2010-06-24 Thread Melanie Sommer

Hello,

I am using AuthComponent with authorization from the controller. Thus
my app_controller.php looks like

##
class AppController extends Controller {
var $components = array('Auth','RequestHandler');
var $uses = array('User');
public function beforeFilter(){
$this-User-contain('Group');
if(isset($this-Auth)){
parent::beforeFilter();
$this-Auth-authorize = 'controller';
}
}
function isAuthorized(){
$allowedActions = array(
'model'  = array(
'action' = array(id1,id2,id3)
...
...
)
$group_id = $this-Auth-user('group_id');
if(isset($allowedActions[low($this-name)])){
$controllerActions = $allowedActions[low($this-name)];
if(isset($controllerActions[$this-action]) 
in_array($group_id,$controllerActions[$this-action])){
return true;
}
return false;
}
}
}
##


I would like to handle access of guests directly in the
$allowedActions array.

First I thought, I could simply check whether $this-Auth-
user('group_id'); returns a value and if not, set $group_id to a
value that I use in the $allowedActions array for guest access.
isAuthorized would then return true if the guest tries to access an
allowed model/action and false if a prohibited model/action, just as
it does for logged-in users.

But the function isAuthorized() seems to be only called if a user is
logged in, so this approach does not help me at all.

I know that I can use
public function beforeFilter(){
parent::beforeFilter();
$this-Auth-allowedActions = array('action');
}
in every controller for which I want some actions to be accessible for
guests, but that is very inconvenient.

Is there a way that cake calls isAuthorized even if no user is logged
in (or set a parameter so that cake thinks a user is logged in)? (or
an other, better way to solve this problem)

Thank you for your help!
Melanie

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

Re: Auth::authorize - controller -- How to handle guests?

Auth::authorize - controller -- How to handle guests?

2 matches

Site Navigation

Mail list logo

Footer information