Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4

2014-09-26 Thread euromark
Just in case you want to keep the controllers lean and all that authorize
code out of it in a central file, you might be interested in taking a look at
http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/

I always like to code DRY and with clear responsibilities.
Mark


On Thursday, 25 September 2014 18:06:55 UTC+2, MarkB wrote:

 Actually, it wasn't the *beforeFilter*... I had actually also not set up 
 the access rights in my various controllers' *isAuthorized* functions

 public function isAuthorized($user) {
     if (in_array($this->action, array('dashboard','edit','etcetera'))) {
         return true;
     }
     return parent::isAuthorized($user);
 }


 *I know... RTFM.*


 *:)*

 On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:

 I think you will need to refer to the passed $user argument as shown in 
 the docs: 
 http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what

 public function isAuthorized($user) {
     // Admin can access every action
     if (isset($user['role']) && $user['role'] === 'admin') {
         return true;
     }
     // Default deny
     return false;
 }





-- 
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

--- 
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.


Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4

2014-09-25 Thread Dario Savella
I think you will need to refer to the passed $user argument as shown in the 
docs: 
http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what

public function isAuthorized($user) {
    // Admin can access every action
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true;
    }
    // Default deny
    return false;
}





Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4

2014-09-25 Thread MarkB
The truth is, I could never even get the blog tutorial authentication 
working for some reason, let alone the authorization, and so moved onto 
using some other code from a tutorial that someone else had done based upon 
the 'official' one and to extend it further. Which is how it got 
incorporated into my app.

I've just tried to use that 'official' code again, and it's working! I must 
have done something else wrong when doing the original tutorial that I 
fixed somehow.

The other thing I had also neglected to do was add or update the Auth part 
of my controllers *public function beforeFilter()* 

Great! Saves me a lot of donkey work and frustration.

Thanks for suggesting I get back to basics Dario :)


On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:

 I think you will need to refer to the passed $user argument as shown in 
 the docs: 
 http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what

 public function isAuthorized($user) {
     // Admin can access every action
     if (isset($user['role']) && $user['role'] === 'admin') {
         return true;
     }
     // Default deny
     return false;
 }







Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4

2014-09-25 Thread MarkB
Actually, it wasn't the *beforeFilter*... I had actually also not set up 
the access rights in my various controllers' *isAuthorized* functions

public function isAuthorized($user) {
    if (in_array($this->action, array('dashboard','edit','etcetera'))) {
        return true;
    }
    return parent::isAuthorized($user);
}


*I know... RTFM.*


*:)*

On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:

 I think you will need to refer to the passed $user argument as shown in 
 the docs: 
 http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what

 public function isAuthorized($user) {
     // Admin can access every action
     if (isset($user['role']) && $user['role'] === 'admin') {
         return true;
     }
     // Default deny
     return false;
 }







Multiple role Authorization not working (based on tutorial) Cake 2.5.4

2014-09-24 Thread MarkB
Hi,

I've the blog tutorial and am working on my own app, an event booking 
system, which has user registration with two user roles - unsurprisingly 
called 'user' and 'admin'. :)

I want 'users' to be able to change their own details and book on an event, 
and 'admins' to be able to do the usual adminy things. 

Authentication is working okay, but I can't get the authorisation element 
to work, using isAuthorized($user). If I log in as a non-admin user, I can 
still access the admin functions (by directly typing in the URL), all of 
which are prefixed with 'admin_'

I've looked all over this forum and beyond, but I can't find a solution. 
Can anyone please take a look at my code and see where I might be going 
wrong? It's starting to drive me mad and I'm thinking of just sticking a 
simple 'is the user an admin?' within each and every admin function.

I've tried it with and without *Configure::write('Routing.prefixes', 
array('admin'));* in my app's *core.php*

(I've edited out non-relevant code for brevity)

*AppController.php*

App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array(
        'Session',
        'Auth' => array(
            'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
            'logoutRedirect' => array('controller' => 'pages', 'action' => 'home'),
            'authError' => 'You must be logged in to view this page.',
            'loginError' => 'Invalid username or password entered, please try again.',
            'authenticate' => array(
                'Form' => array(
                    'passwordHasher' => 'Blowfish',
                    array('fields' => array('username' => 'email', 'authorize' => array('Controller')
    ));

    // pages that can be viewed without being logged in
    public function beforeFilter() {
        $this->Auth->allow('login','index','add','home');
    }

    // check to see logged-in user is an admin
    public function isAuthorized($user) {
        // Any registered user can access public functions
        if (empty($this->request->params['admin'])) {
            return true;
        }
        // Only admins can access admin functions
        if (isset($this->request->params['admin'])) {
            return (bool)($user['role'] === 'admin');
        }
        // Default deny
        return false;
    }
}

*UsersController.php*

App::uses('AppController', 'Controller');

class UsersController extends AppController {

    public $helpers = array('Html', 'Form', 'Session');
    public $components = array('Session');

    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('login','index');
    }

    public function login() {
        // if we get the post information, try to authenticate
        if ($this->request->is('post')) {
            if ($this->Auth->login()) {
                $this->Session->setFlash(__('Welcome, '. $this->Auth->user('fullname')));
                $this->redirect($this->Auth->redirectUrl());
            } else {
                $this->Session->setFlash(__('Invalid username or password'));
            }
        }
    }

    public function dashboard() {
        // code for dashboard stuff
    }

    // all the other code.
}


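
An added example, not code from any poster in this thread and not CakePHP itself: the two isAuthorized() pieces discussed in the thread (the role check with default deny, and a per-controller action list that falls back to parent::isAuthorized()) modelled as plain PHP stand-in classes. EventsController, $userActions and the sample users are hypothetical, and the admin_ test assumes prefix routing maps admin URLs to admin_* actions.

```php
<?php
// Added example: plain-PHP stand-ins, not CakePHP classes.
class BaseController {
    public $action;

    public function __construct($action) {
        $this->action = $action;
    }

    public function isAuthorized($user) {
        // Admin can access every action; a missing role key is not admin.
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true;
        }
        // Default deny, which also covers admin_* actions for everyone else.
        return false;
    }
}

class EventsController extends BaseController {
    // Hypothetical allow-list; 'admin_edit' is listed by mistake on purpose.
    protected $userActions = array('dashboard', 'edit', 'admin_edit');
    public function isAuthorized($user) {
        // Assumption: prefix routing maps /admin/... URLs to admin_* actions.
        $prefixed = strpos($this->action, 'admin_') === 0;
        // The allow-list never answers for a prefixed action.
        if (!$prefixed && in_array($this->action, $this->userActions, true)) {
            return true;
        }
        return parent::isAuthorized($user);
    }
}

// Constructed cases: array(action, user record, expected decision).
$cases = array(
    array('dashboard',  array('role' => 'user'),  true),
    array('admin_edit', array('role' => 'user'),  false),
    array('admin_edit', array('role' => 'admin'), true),
    array('admin_edit', array(),                  false), // no role key
    array('export',     array('role' => 'user'),  false), // not opted in
);
foreach ($cases as $case) {
    list($action, $user, $expected) = $case;
    $got = (new EventsController($action))->isAuthorized($user);
    echo str_pad($action, 12), $got ? 'allow' : 'deny', "\n";
    if ($got !== $expected) {
        throw new Exception("unexpected decision for $action");
    }
}
```

Without the prefix guard in the child class, the mistaken 'admin_edit' entry would return true for an ordinary user before the parent's role check is reached.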