Re: Many-to-many ACL
On Friday, 2 November 2012 06:57:13 UTC+7, Daniel Hdez wrote: > > Hello, hey i have the same problem, do you find a solution yet? greetings! > :) > If you read the thread, you'll find the solution in front of you :p -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Many-to-many ACL
Hello, hey i have the same problem, do you find a solution yet? greetings! :) -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Many-to-many ACL
Or you can use this plugin: https://github.com/ceeram/Authorize and set AuthComponent up with HabtmDbAclAuthorize Op maandag 21 mei 2012 14:35:32 UTC+2 schreef rahajiyev het volgende: > > > > On May 16, 1:23 am, Justin Edwards wrote: > > > To DB > > > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... > > > > > Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nevermind, I think I got Oracle working with 2.1 thanks to this tutorial and a bit more thumb twiddling: http://www.hassanbakar.com/2012/01/09/using-oracle-in-cakephp-2-0/comment-page-1/#comment-38958 At the very least I could get pagination working. On May 21, 5:35 pm, rahajiyev wrote: > On May 16, 1:23 am, Justin Edwards wrote: > > > To DB > > >https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... > > Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 16, 1:23 am, Justin Edwards wrote: > To DB > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... > Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
OK, I've worked around this deficiency by doing 2 things: (1) added 'recursive' => 1 to AuthI public $components = array( 'Auth' => array( 'authenticate' => array('Form' => array('userModel' => 'Milli', 'recursive' => 1)), (2) writing afterFind() callback in my model: public function afterFind(array $query) { if (count($query) == 1) { # single result fetched $record = &$query[0]; if (isset($record['Role']) && is_array($record['Role'])) { $roles = array(); foreach ($record['Role'] as $role) $roles[] = $role['RolesUser'] ['role_id']; $record[$this->alias]['Role'] = $roles; unset($record['Role']); } } return $query; } You bet this is ugly! But works. There's one small problem, though. When I remove currently logged in user's role to access a specific resource, he can still do so. Looks like authorize() accesses Session data, and Session has active user roles cached. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried adding joins in my User model beforeFind(): public function beforeFind(array $query) { $query['joins'] = array( array( 'table' => 'roles_users', 'alias' => 'RolesUser', 'type' => 'INNER', 'conditions' => array('Milli.id=RolesUser.user_id')), array( 'table' => 'roles', 'alias' => 'Role', 'type' => 'INNER', 'conditions' => array('RolesUser.role_id=Role.id'))); return $query; } Now Model::find() correctly does receives the join info: /lib/Cake/Model/Model.php (line 2676) array( 'conditions' => array( 'Milli.username' => 'rihad', 'Milli.password' => '17bce4ac9c39019189b7bba280af55de9fe1d9a7' ), 'fields' => null, 'joins' => array( (int) 0 => array( 'table' => 'roles_users', 'alias' => 'RolesUser', 'type' => 'INNER', 'conditions' => array( (int) 0 => 'Milli.id=RolesUser.user_id' ) ), (int) 1 => array( 'table' => 'roles', 'alias' => 'Role', 'type' => 'INNER', 'conditions' => array( (int) 0 => 'RolesUser.role_id=Role.id' ) ) ), 'limit' => (int) 1, 'offset' => null, 'order' => array( (int) 0 => null ), 'page' => (int) 1, 'group' => null, 'callbacks' => true, 'recursive' => (int) 2 But the User is still fetched with Role side by side, so BaseAuthenticate ignores Role. array( (int) 0 => array( 'Milli' => array( 'password' => '*', 'id' => (int) 6, 'username' => 'rihad', 'password_expiration' => null, 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-18 10:14:07', 'last_accessed' => null ), 'Role' => array( (int) 0 => array( 'id' => (int) 1, 'alias' => 'operations', 'RolesUser' => array( 'id' => (int) 6, 'role_id' => (int) 1, 'user_id' => (int) 6 ) ) ) ) ) I'm expecting Role to be nested inside Milli, or something like that. Please help, it's a SNAFU, I've invested too much of my limited time to get the job done, it's too late to go looking for a working framework :( I admit that it's probably a misconfiguration from my part. But I can't fix it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I should probably specify manual joins required for HABTM relations, as described in the docs (see Joining Tables towards the end). But how do I tweak the joins? AFAIK they can only be specified in the find() calls, and those are performed internally by the Auth subsystem. So what should I do? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I tracked down the issue to BaseAuthenticate::_findUser() Even though it correctly joins user table to roles and fetches them both, Role isn't nested in user, so to speak: $result is: array( 'Milli' => array( 'id' => (int) 6, 'username' => 'rihad', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-18 10:14:07', ), 'Role' => array( (int) 0 => array( 'id' => (int) 1, 'alias' => 'operations', 'RolesUser' => array( 'id' => (int) 6, 'role_id' => (int) 1, 'user_id' => (int) 6 ) ) ) ) so when _findUser() returns $result[$model] back to FormAuthenticate, all it gets is: array( 'id' => (int) 6, 'username' => 'rihad', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-18 10:14:07', ) What should I do? I'm sure it's a misconfiguration because folks have probably used TinyAuthorize with HABTM roles. On May 17, 8:33 pm, rihad wrote: > I've tried copying auth stuff to User, and modified routes > accordingly, it didn't help. > User is a prefixed (/admin) controller for creating operators that > will be using the app based on their roles in non-prefixed URLs. > The authentication of /admin itself happens in Apache. The creator of > operators through CRUD doesn't need to use the app itself. > > On May 17, 7:34 pm, Justin Edwards wrote: > > > > > > > > > I've never tried to make the User model be named anything else. I have > > users and roles many to many on both sides though. > > >https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model > > >https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried increasing recursive in my Auth settings: public $components = array( 'Session', 'Auth' => array( 'authenticate' => array('Form' => array('userModel' => 'Milli', 'recursive' => 1)), 'authorize' => array('Tiny' => array('aclModel' => 'Role')), And now _findUser() in BaseAuthenticate.php indeed starts fetching the user deeply with its Role. array( 'Milli' => array( 'password' => '*', 'id' => (int) 6, 'username' => 'rihad', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-18 10:14:07' ), 'Role' => array( (int) 0 => array( 'id' => (int) 1, 'alias' => 'operations', 'RolesUser' => array( 'id' => (int) 6, 'role_id' => (int) 1, 'user_id' => (int) 6 ) ) ) ) But TinyAuth still is getting the shallow user in its authorize(). array( 'id' => (int) 6, 'username' => 'rihad', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-18 10:14:07', ) What's going on? The session (/tmp/sess_* files) is lacking the Role stuff. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried copying auth stuff to User, and modified routes accordingly, it didn't help. User is a prefixed (/admin) controller for creating operators that will be using the app based on their roles in non-prefixed URLs. The authentication of /admin itself happens in Apache. The creator of operators through CRUD doesn't need to use the app itself. On May 17, 7:34 pm, Justin Edwards wrote: > I've never tried to make the User model be named anything else. I have > users and roles many to many on both sides though. > > https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.phphttps://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 17, 7:34 pm, Justin Edwards wrote: > I've never tried to make the User model be named anything else. I have > users and roles many to many on both sides though. > > https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.phphttps://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php > Thanks. Mark said that too small "recursive" might be an issue, although its default setting of 1 should be enough to reach the roles. This looks like the most probable reason because TinyAuthorize::authorize() receives plain $user with no joins. I'll check that tomorrow. I'll also try adding the other side of HABTM to Role. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've never tried to make the User model be named anything else. I have users and roles many to many on both sides though. https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.php https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php On Thu, May 17, 2012 at 6:50 AM, rahajiyev wrote: > Nope it doesn't work :( > authorize() in TinyAuthorize receives $user that lacks any joins to > roles table: > > array( >'id' => (int) 6, >'username' => 'rihad', > 'created' => '2012-05-15 16:30:10', > 'modified' => '2012-05-17 16:36:24', > ) > > so of course it can't find $user['Role'] > Here's my user class: > class Milli extends AppModel { >public $hasAndBelongsToMany = array( >'Role' => array( >'className' => 'Role', >'joinTable' => > 'roles_users', >'foreignKey'=> 'user_id', >'assosciationForeignKey'=> 'role_id', >'unique'=> > 'keepExisting')); > } > > class Role is empty. > > class MilliController extends AppController >public $components = array( >'Session', >'Auth' => array( >'loginRedirect' => array('controller' => > 'milli', 'action' => 'index'), >'logoutRedirect' => array('controller' => > 'milli', 'action' => 'index'), > 'authenticate' => array('Form' => > array('userModel' => 'Milli')), > 'authorize' => array('Tiny' => > array('aclModel' => 'Role')), > 'loginAction' => array('controller' => > 'milli', 'action' => 'login'))); > >public function beforeFilter() { > $this->Auth->allow('login', 'logout'); >} > > Please help... > > On May 17, 11:53 am, rahajiyev wrote: > > OK, so I changed 'Role' to 'role' in Configure::write and it seems to > > work. I'm able to log in, and access an action that my role is > > permitted to access (as per acl.ini). > > But a strange thing happens when I attempt to access an action that > > I'm not permitted to. Instead of redirecting me to the /login page due > > to inappropriate permissions, I get silently redirected to / which I > > AM permitted to access. What's going on? > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group > at http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nope it doesn't work :( authorize() in TinyAuthorize receives $user that lacks any joins to roles table: array( 'id' => (int) 6, 'username' => 'rihad', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-17 16:36:24', ) so of course it can't find $user['Role'] Here's my user class: class Milli extends AppModel { public $hasAndBelongsToMany = array( 'Role' => array( 'className' => 'Role', 'joinTable' => 'roles_users', 'foreignKey'=> 'user_id', 'assosciationForeignKey'=> 'role_id', 'unique'=> 'keepExisting')); } class Role is empty. class MilliController extends AppController public $components = array( 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'milli', 'action' => 'index'), 'logoutRedirect' => array('controller' => 'milli', 'action' => 'index'), 'authenticate' => array('Form' => array('userModel' => 'Milli')), 'authorize' => array('Tiny' => array('aclModel' => 'Role')), 'loginAction' => array('controller' => 'milli', 'action' => 'login'))); public function beforeFilter() { $this->Auth->allow('login', 'logout'); } Please help... On May 17, 11:53 am, rahajiyev wrote: > OK, so I changed 'Role' to 'role' in Configure::write and it seems to > work. I'm able to log in, and access an action that my role is > permitted to access (as per acl.ini). > But a strange thing happens when I attempt to access an action that > I'm not permitted to. Instead of redirecting me to the /login page due > to inappropriate permissions, I get silently redirected to / which I > AM permitted to access. What's going on? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Ok, so I created two more tables: roles: id int primary key; name varchar; roles_users: id int primary key; role_id foreign key roles(id); user_id foreign key users(id); and authorization automagically figures out where to allow the currently logged in user. But there's one thing. When paginating list of users, how can I get at the user's roles? User model hasAndBelongsToMany('Role') but still role information isn't included. public function index() { $this->User->recursive = 0; $this->set('users', $this->paginate()); } -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Do I still need to use a many-to-many roles_users table if I want each user to possess multiple roles? How do I go about that? Unfortunately this tutorial doesn't go into much detail: http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
OK, so I changed 'Role' to 'role' in Configure::write and it seems to work. I'm able to log in, and access an action that my role is permitted to access (as per acl.ini). But a strange thing happens when I attempt to access an action that I'm not permitted to. Instead of redirecting me to the /login page due to inappropriate permissions, I get silently redirected to / which I AM permitted to access. What's going on? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
> In > AuthComponent's authorize() I could see that it's attempting to access > $user[$this->settings['aclModel']]) I meant to say TinyAuthorize's authorize(). -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Thanks, Justin. But now I'm getting "You are not authorized to access that location." flash error and kicked back to /login. In AuthComponent's authorize() I could see that it's attempting to access $user[$this->settings['aclModel']]) and failing that triggers error: Notice (1024): Missing acl information (Role/role_id) in user session [APP/Controller/Component/Auth/TinyAuthorize.php, line 78] settings['aclModel'] is 'Role' as per default so it basically tries $user->['Role'] My $user looks like this: array( 'id' => (int) 6, 'username' => 'rihad', 'role' => 'can-do-this', 'created' => '2012-05-15 16:30:10', 'modified' => '2012-05-17 10:39:17', ) it indeed lacks 'Role' field. Should I simply change $this- >authorize['aclModel'] = 'Role' ? I have this in Config/core.php: Configure::write('Role', array( 'can-do-this' => 1, 'can-do-that => 2, )); to emulate a missing table. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
app/Controller/Component/Auth On Wed, May 16, 2012 at 11:29 AM, rihad wrote: > On May 16, 1:23 am, Justin Edwards wrote: > > http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest... > > > > To DB > > > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... > > > > > I'm having a hard time choosing the right place for this code. Where > do I put it cleanly? I tried dropping it off in Plugin/ but Cake won't > find it. > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group > at http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 16, 1:23 am, Justin Edwards wrote: > http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest... > > To DB > > https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... > > I'm having a hard time choosing the right place for this code. Where do I put it cleanly? I tried dropping it off in Plugin/ but Cake won't find it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Bingo! By reading the source of AuthComponent and sprinkling "debug($var); exit;" here and there I tracked after its construction that $this->_authenticateObjects looked like this: array( (int) 0 => object(FormAuthenticate) { settings => array( 'fields' => array( 'password' => '*', 'username' => 'username' ), 'userModel' => 'Users', 'scope' => array(), 'recursive' => (int) 0 ) } ) The model was still Users! So a change was trivial: in MilliController.php.: changed'authenticate' => array('Form' ), to this: 'authenticate' => array('Form' => array('userModel' => 'Milli')), for now the logging in passes through. The docs for auth are severely lacking. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Here's what PostgreSQL logs when I click the Login button as above: 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0001: SET search_path TO public 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0001 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0002: SELECT table_name as name FROM INFORMATION_SCHEMA.tables WHERE table_schema = $1 2012-05-16 17:00:03 AZST DETAIL: parameters: $1 = 'public' 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0003: SELECT DISTINCT table_schema AS schema, column_name AS name, data_type AS type, is_nullable AS null, column_default AS default, ordinal_position AS position, character_maximum_length AS char_length, character_octet_length AS oct_length FROM information_schema.columns WHERE table_name = $1 AND table_schema = $2 ORDER BY position 2012-05-16 17:00:03 AZST DETAIL: parameters: $1 = 'users', $2 = 'public' 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0003 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0002 Apparently it doesn't attempt to query users table itself. But if I remove the users table clicking login barfs that table users does not exist, so there's something else stopping it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Now I cannot authenticate. Just simple authentication only for now. AFAIK Auth is supposed to automagically check columns username & password in the table. Yet it doesn't work. Here's what I do: visit example.org/, get redirected to example.org/login, enter valid username & pass, and get the same login URL with flash error: "Invalid username or password, try again". No SQL queries get logged as far as I can tell (debug>0). Model/Milli.php is empty class MilliController extends AppController { public $paginate = array('limit' => 5); public $components = array( 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'milli', 'action' => 'index'), 'logoutRedirect' => array('controller' => 'milli', 'action' => 'index'), 'authenticate' => array('Form'), 'loginAction' => array('controller' => 'milli', 'action' => 'login'))); public function beforeFilter() { #parent::beforeFilter(); $this->Auth->allow('login', 'logout'); #$this->Auth->allow('*'); } public function login() { if ($this->request->isPost()) { if ($this->Auth->login()) { $this->redirect($this->Auth- >redirect()); } else { $this->Session->setFlash(__('Invalid username or password, please try again')); } } } public function logout() { $this->redirect($this->Auth->logout()); } public function index() { } } View/Milli/login.ctp: Session->flash('auth'); ?> Form->create('Milli');?> Form->input('username'); echo $this->Form->input('password'); ?> Form->end(__('Login'));?> Config/routes.php: Router::connect('/', array('controller' => 'milli', 'action' => 'index')); Router::connect('/:action', array('controller' => 'milli')); -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nothing's better than reading Cake code :-p In ../lib/Cake/Controller/Component/AuthComponent.php: public $loginAction = array( 'controller' => 'users', 'action' => 'login', 'plugin' => null ); So users is hardcoded... -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I could narrow this down to these lines: public $components = array( 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'operators', 'action' => 'index'), 'logoutRedirect' => array('controller' => 'operators', 'action' => 'index'))); public function beforeFilter() { parent::beforeFilter(); $this->Auth->allow('login', 'logout'); } if I remove them, the strange redirect example.org/ => example.org/ users/login does not happen. What's going on? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Thanks, I'm trying to use it. Something strange is going on (probably unrelated to the TinyAuth plugin). When I visit the root of the site (http://example.org/) I expect Cake to redirect to operators/login, but it instead gets me to users/login. There IS a UsersController, but it's prefixed under /admin like this: Router::connect('/admin', array('controller' => 'users', 'action' => 'index', 'admin' => true)); Here's my Controller/OperatorsController.php: class OperatorsController extends AppController # (AppController is empty) { public $components = array( 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'operators', 'action' => 'index'), 'logoutRedirect' => array('controller' => 'operators', 'action' => 'index'))); public function beforeFilter() { parent::beforeFilter(); $this->Auth->allow('login', 'logout'); } public function login() { if ($this->request->isPost()) { if ($this->Auth->login()) { $this->redirect($this->Auth- >redirect()); } else { $this->Session->setFlash(__('Invalid username or password, try again')); } } } public function logout() { $this->redirect($this->Auth->logout()); } public function index() { } } Here.s my Config/routes.php Router::connect('/', array('controller' => 'operators', 'action' => 'index')); Router::connect('/admin', array('controller' => 'users', 'action' => 'index', 'admin' => true)); Router::connect('/:action', array('controller' => 'operators')); #Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display')); CakePlugin::routes(); require CAKE . 'Config' . DS . 'routes.php'; Can you tell me why it keeps throwing me to an unrelated users/login? I'm not even accessing that controller. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/Component/Auth/TinyAuthorize.php On Tue, May 15, 2012 at 1:47 PM, rihad wrote: > Hi. I need users to belong to more than one role. Like "Can-do-this", > "Can-do-that", etc. I think a many-to-many relationship fits this > need. Like this (in pseudo-sql) > > table users: > id int primary key; > name varchar; > > table roles: > id int primary key; > name varchar; > > table roles_users: > id int primary key; > user_id foreign key users(id); > role_id foreign key roles(id); > > So each user can have multiple roles listed in roles_users. I looked > at the ACL tutorial: > > http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html > but it only makes use of a single group_id. Cake's Auth subsystem > looks fine to me. Can I use it with multiple roles described above? > Thanks. > > -- > Our newest site for the community: CakePHP Video Tutorials > http://tv.cakephp.org > Check out the new CakePHP Questions site http://ask.cakephp.org and help > others with their CakePHP related questions. > > > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.com For more options, visit this group > at http://groups.google.com/group/cake-php > -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Many-to-many ACL
Hi. I need users to belong to more than one role. Like "Can-do-this", "Can-do-that", etc. I think a many-to-many relationship fits this need. Like this (in pseudo-sql) table users: id int primary key; name varchar; table roles: id int primary key; name varchar; table roles_users: id int primary key; user_id foreign key users(id); role_id foreign key roles(id); So each user can have multiple roles listed in roles_users. I looked at the ACL tutorial: http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html but it only makes use of a single group_id. Cake's Auth subsystem looks fine to me. Can I use it with multiple roles described above? Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php