Hi there, just bumping this - I would have thought that someone may
have some insight into an important core
part of the framework misbehaving?
On Apr 12, 9:31 am, Tonu Tusk wrote:
> Hi guys, I have had problems with this in the past (with a workable
> hack which might break things in the future)
>
> Basically, I have the following scenario. I have Auth and Acl setup as
> in the tutorial (actions based authentication)
>
> now if I have an authenticated user but who has restricted access to a
> url "mysite.com/restricted/page"
>
> I get a variety of behaviours based on how I access the page.
>
> If I try to access the page whilst not logged on and then logging on,
> I get a redirect, If I am logged on and directly enter the url (no
> referer) I get redirected to home ('/') and if I try to access the
> restricted page via a link in an accessible page in the app, nothing
> happens (well obviously cake is restricting access and then
> redirecting me to the referer which is the page I am already on)
>
> Ideally, I would like the option o being able to be redirected to an
> "unauthorised notification" page if I chose, but I want to be able to
> catch all of the above occurrences without hacking auth.php
>
> My simple solution is just to implement AppController::referer() to
> always return my unauthorised notification page - the cirucmstances I
> have found out of the box that result in it being used for a
> redirection meet my criteria, but this is obviously flaky testing, and
> also then restricts the possibility of me using referer for anything
> else in the app in the future.
>
> The second solution (currently) is adding extra logic to the login
> function (to catch some special case redirections), moving the
> authentication type to "controller" and implementing AppController
> isAuthorized() to basically manually pass the current data through to
> Acl::Check, but in the process, internally flagging up if an
> unauthorized page has been requested and no page had yet been rendered
> as a result of any redirects, and then using this flag in the
> implemented referer method to try and retain referer's standard
> behaviour wherever possible.
>
> This just seems really long winded, and as noted before, is going to
> be a nightmare to test for all possible scenarios of the use of app.
>
> Surely with the imminent release of 1.3 there should not have to be
> workarounds for such a fundamental component, or am I missing
> something?
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
To unsubscribe, reply using "remove me" as the subject.