Re: A little help with auth. :)
yes, that's what i was meaning to imply with $requiredLevel = xxx($this->action); $this->action gives you the name of the current action. Replace "xxx" with an array access or a function/method call that returns the required access level for the given action. On Oct 20, 4:12 am, xtraorange wrote: > Is there any way to do that at the action level, rather than the > controller level? Different actions may have different userlevel > requirements. > > On Oct 19, 7:18 pm, jsalonen wrote: > > > > > > > > > The easiest way to do it is probably simpler than you think: set the > > $authorize variable of AuthComponent to "controller", and add > > isAuthorized method to your controllers, kind of like: > > > function beforeFilter() { > > $this->Auth->authorize = 'controller'; > > > } > > > function isAuthorized() { > > // get access level from user's profile > > $accessLevel = $this->Auth->user('access_level'); > > // find the required access level for $this->action > > $requiredLevel = xxx($this->action); > > return $accessLevel >= $requiredLevel; > > > } > > > You could implement "xxx" with an array of numbers or what ever you > > like... > > > By the way you could use ACL for the same effect: ACOs don't have to > > be "actions." They can just as well be user roles, and then you use > > ACL to check if a given user has access to the required role. More > > flexible but probably not worth the effort for the simpler cases. > > > On Oct 20, 1:48 am, xtraorange wrote: > > > > Howdy all, > > > > ACL seems to just be too complicated for what I'm doing, particularly > > > with all the actions I have... the table is hard to keep organized, > > > and it's way too hard to edit permissions. So I'm looking for > > > something else. > > > > The site I'm building has need for multiple user levels, but the user > > > would only need to belong to one of these levels (for example, user, > > > moderator, admin, site master). > > > > Here's what I'm thinking: > > > An auth function I can put at the top of an action that I can either > > > pass a number to, or an array of numbers to, as a minimum "level" for > > > the user to access that action (or in the case of an array, each level > > > defined as true/false). Each user would then simply have a number in > > > their user data that would indicate their level. > > > > Questions: > > > 1. Is there anything wrong with this (other than the fact that it > > > goes against the grain of typical ACL)? > > > 2. What would be the easiest way to implement this? Extend the auth > > > class with a custom class and add my functions, or a new class, or > > > just a function? > > > 3. Any other suggestions that would handle what I'm looking for that > > > I'm not considering? > > > > Thank you! > > > xtraorange Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: A little help with auth. :)
Just check $this->params['action'] and do different logic based on specific actions. On Oct 19, 7:12 pm, xtraorange wrote: > Is there any way to do that at the action level, rather than the > controller level? Different actions may have different userlevel > requirements. > > On Oct 19, 7:18 pm, jsalonen wrote: > > > The easiest way to do it is probably simpler than you think: set the > > $authorize variable of AuthComponent to "controller", and add > > isAuthorized method to your controllers, kind of like: > > > function beforeFilter() { > > $this->Auth->authorize = 'controller'; > > > } > > > function isAuthorized() { > > // get access level from user's profile > > $accessLevel = $this->Auth->user('access_level'); > > // find the required access level for $this->action > > $requiredLevel = xxx($this->action); > > return $accessLevel >= $requiredLevel; > > > } > > > You could implement "xxx" with an array of numbers or what ever you > > like... > > > By the way you could use ACL for the same effect: ACOs don't have to > > be "actions." They can just as well be user roles, and then you use > > ACL to check if a given user has access to the required role. More > > flexible but probably not worth the effort for the simpler cases. > > > On Oct 20, 1:48 am, xtraorange wrote: > > > > Howdy all, > > > > ACL seems to just be too complicated for what I'm doing, particularly > > > with all the actions I have... the table is hard to keep organized, > > > and it's way too hard to edit permissions. So I'm looking for > > > something else. > > > > The site I'm building has need for multiple user levels, but the user > > > would only need to belong to one of these levels (for example, user, > > > moderator, admin, site master). > > > > Here's what I'm thinking: > > > An auth function I can put at the top of an action that I can either > > > pass a number to, or an array of numbers to, as a minimum "level" for > > > the user to access that action (or in the case of an array, each level > > > defined as true/false). Each user would then simply have a number in > > > their user data that would indicate their level. > > > > Questions: > > > 1. Is there anything wrong with this (other than the fact that it > > > goes against the grain of typical ACL)? > > > 2. What would be the easiest way to implement this? Extend the auth > > > class with a custom class and add my functions, or a new class, or > > > just a function? > > > 3. Any other suggestions that would handle what I'm looking for that > > > I'm not considering? > > > > Thank you! > > > xtraorange Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: A little help with auth. :)
Is there any way to do that at the action level, rather than the controller level? Different actions may have different userlevel requirements. On Oct 19, 7:18 pm, jsalonen wrote: > The easiest way to do it is probably simpler than you think: set the > $authorize variable of AuthComponent to "controller", and add > isAuthorized method to your controllers, kind of like: > > function beforeFilter() { > $this->Auth->authorize = 'controller'; > > } > > function isAuthorized() { > // get access level from user's profile > $accessLevel = $this->Auth->user('access_level'); > // find the required access level for $this->action > $requiredLevel = xxx($this->action); > return $accessLevel >= $requiredLevel; > > } > > You could implement "xxx" with an array of numbers or what ever you > like... > > By the way you could use ACL for the same effect: ACOs don't have to > be "actions." They can just as well be user roles, and then you use > ACL to check if a given user has access to the required role. More > flexible but probably not worth the effort for the simpler cases. > > On Oct 20, 1:48 am, xtraorange wrote: > > > > > > > > > Howdy all, > > > ACL seems to just be too complicated for what I'm doing, particularly > > with all the actions I have... the table is hard to keep organized, > > and it's way too hard to edit permissions. So I'm looking for > > something else. > > > The site I'm building has need for multiple user levels, but the user > > would only need to belong to one of these levels (for example, user, > > moderator, admin, site master). > > > Here's what I'm thinking: > > An auth function I can put at the top of an action that I can either > > pass a number to, or an array of numbers to, as a minimum "level" for > > the user to access that action (or in the case of an array, each level > > defined as true/false). Each user would then simply have a number in > > their user data that would indicate their level. > > > Questions: > > 1. Is there anything wrong with this (other than the fact that it > > goes against the grain of typical ACL)? > > 2. What would be the easiest way to implement this? Extend the auth > > class with a custom class and add my functions, or a new class, or > > just a function? > > 3. Any other suggestions that would handle what I'm looking for that > > I'm not considering? > > > Thank you! > > xtraorange Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: A little help with auth. :)
The easiest way to do it is probably simpler than you think: set the $authorize variable of AuthComponent to "controller", and add isAuthorized method to your controllers, kind of like: function beforeFilter() { $this->Auth->authorize = 'controller'; } function isAuthorized() { // get access level from user's profile $accessLevel = $this->Auth->user('access_level'); // find the required access level for $this->action $requiredLevel = xxx($this->action); return $accessLevel >= $requiredLevel; } You could implement "xxx" with an array of numbers or what ever you like... By the way you could use ACL for the same effect: ACOs don't have to be "actions." They can just as well be user roles, and then you use ACL to check if a given user has access to the required role. More flexible but probably not worth the effort for the simpler cases. On Oct 20, 1:48 am, xtraorange wrote: > Howdy all, > > ACL seems to just be too complicated for what I'm doing, particularly > with all the actions I have... the table is hard to keep organized, > and it's way too hard to edit permissions. So I'm looking for > something else. > > The site I'm building has need for multiple user levels, but the user > would only need to belong to one of these levels (for example, user, > moderator, admin, site master). > > Here's what I'm thinking: > An auth function I can put at the top of an action that I can either > pass a number to, or an array of numbers to, as a minimum "level" for > the user to access that action (or in the case of an array, each level > defined as true/false). Each user would then simply have a number in > their user data that would indicate their level. > > Questions: > 1. Is there anything wrong with this (other than the fact that it > goes against the grain of typical ACL)? > 2. What would be the easiest way to implement this? Extend the auth > class with a custom class and add my functions, or a new class, or > just a function? > 3. Any other suggestions that would handle what I'm looking for that > I'm not considering? > > Thank you! > xtraorange Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
A little help with auth. :)
Howdy all, ACL seems to just be too complicated for what I'm doing, particularly with all the actions I have... the table is hard to keep organized, and it's way too hard to edit permissions. So I'm looking for something else. The site I'm building has need for multiple user levels, but the user would only need to belong to one of these levels (for example, user, moderator, admin, site master). Here's what I'm thinking: An auth function I can put at the top of an action that I can either pass a number to, or an array of numbers to, as a minimum "level" for the user to access that action (or in the case of an array, each level defined as true/false). Each user would then simply have a number in their user data that would indicate their level. Questions: 1. Is there anything wrong with this (other than the fact that it goes against the grain of typical ACL)? 2. What would be the easiest way to implement this? Extend the auth class with a custom class and add my functions, or a new class, or just a function? 3. Any other suggestions that would handle what I'm looking for that I'm not considering? Thank you! xtraorange Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en