Re: Admin + Members suggested setup??
To reduce the problem of writing two views, you can use elements, and use those elements in both views for the bits that are common. For instance I have a code snippet that includes a list that is used in multiple views that looks like: echo $this-element('signup_list', array( 'slots' = $availableSlots )); Seems to me that the difference would then be the the additional bits you put in the admin view, which would protect them from the non-admin user. It also makes testing easier since you can log in as admin and have the same view as a user. On Oct 31, 10:40 am, Brenton B [EMAIL PROTECTED] wrote: Thanks everyone for the useful tips, that helps a lot, which means I may have to restructure some stuff. Mostly, I think I was getting confused by the fact that with having `index` and `admin_index` I ended up doing 2 different views, where the difference was only whether or not to include an 'edit' link in the list ... which all seemed redundant, because any small change I'd make to one, I'd have to make to the other and seemed a bit more efficient to have a single view with checks for if they have permission or not. Cheers On Oct 31, 1:49 am, Adam Royle [EMAIL PROTECTED] wrote: Admin routing as more useful in a CMS-style site where there are clearly two distinct areas display of site data, and administering site data, which both could differ greatly in controller view code, rather than just acl permissions. Hope that clears things up. Cheers, Adam On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
I've created some sites with multiple admin routes (i.e. members and admin) although only in 1.1 - there is an article about it in the bakery: http://bakery.cakephp.org/articles/view/using-cake_admin-for-multiple-user-types - it works very well. I seem to remember reading that this is built in in 1.2, but haven't tried this out yet - I imagine you would just specify an array of possible routes in /config/core.php, but I could be wrong - although it would be easy to find out... Personally I would see it as working in a complementary with permissions systems (ACL) so for instance you might specify a group with access to the admin methods, a group with access to members methods and then the methods that represent your public facing (and authentication free) site. So in a way it a just about keeping things nice and tidy. Use Auth to take care of a user login, but it is up to you to decide where to let somebody go once they have logged in - I would say that is what ACL is for. Maybe it is more an issue of philosophy - you need to find a way of working and structuring things that is good for you - even within the constraints of Cake there are often many ways of doing things. On Oct 28, 8:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Admin routing as more useful in a CMS-style site where there are clearly two distinct areas display of site data, and administering site data, which both could differ greatly in controller view code, rather than just acl permissions. Hope that clears things up. Cheers, Adam On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Admin routing and ACL are two different things, admin routing is just a quick way to have some action not accessible from everybody with a few efforts. And from what i know (but it should be cheched) at least in Cake 1.2 there's also the availability of some super_admin methods. Anyway a nice advantage in using admin routing, in respect of making your own checks, is that you can do ONCE in the before_filter action of the AppController (the controller from which every other controller inherits) the check, and you have to check only one param of the request: 'admin'. Here an example: class AppController extends Controller{ . function beforeFilter() { // if admin pages are being requested if(isset($this-params['admin'])){ if (!$this-Session-check('User')) { // set flash message and redirect $this-Session-setFlash('You need to be logged in to access this area'); $this-redirect('/users/login/?redir='.$this-params['url'] ['url'],true); } } //If already logged in change the layout to admin $this-layout='admin_theme'; } . } Of course this method can be used only for simple and small applications, if you need more complex authentication and authorization, you should consider using Auth and ACL components. Bye, Andrea On Oct 30, 7:51 pm, Brenton B [EMAIL PROTECTED] wrote: Is the Admin routing intended as strictly for Root Admin? Or anyone that can log in? just seems a bit vague. On Oct 29, 11:54 am, Brenton B [EMAIL PROTECTED] wrote: Essentially ... what makes the Admin Routing so special, and why should I use it? What's the advantage over just having all the checks in my own code? (ex: checks that they're logged in as admin and have the right permissions) On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Thanks everyone for the useful tips, that helps a lot, which means I may have to restructure some stuff. Mostly, I think I was getting confused by the fact that with having `index` and `admin_index` I ended up doing 2 different views, where the difference was only whether or not to include an 'edit' link in the list ... which all seemed redundant, because any small change I'd make to one, I'd have to make to the other and seemed a bit more efficient to have a single view with checks for if they have permission or not. Cheers On Oct 31, 1:49 am, Adam Royle [EMAIL PROTECTED] wrote: Admin routing as more useful in a CMS-style site where there are clearly two distinct areas display of site data, and administering site data, which both could differ greatly in controller view code, rather than just acl permissions. Hope that clears things up. Cheers, Adam On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Is the Admin routing intended as strictly for Root Admin? Or anyone that can log in? just seems a bit vague. On Oct 29, 11:54 am, Brenton B [EMAIL PROTECTED] wrote: Essentially ... what makes the Admin Routing so special, and why should I use it? What's the advantage over just having all the checks in my own code? (ex: checks that they're logged in as admin and have the right permissions) On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Essentially ... what makes the Admin Routing so special, and why should I use it? What's the advantage over just having all the checks in my own code? (ex: checks that they're logged in as admin and have the right permissions) On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Admin + Members suggested setup??
Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---