Re: Admin + Members suggested setup??
To reduce the problem of writing two views, you can use elements, and
use those elements in both views for the bits that are common.
For instance I have a code snippet that includes a list that is used
in multiple views that looks like:
echo $this-element('signup_list', array( 'slots' =
$availableSlots ));
Seems to me that the difference would then be the the additional bits
you put in the admin view, which would protect them from the non-admin
user.
It also makes testing easier since you can log in as admin and have
the same view as a user.
On Oct 31, 10:40 am, Brenton B [EMAIL PROTECTED] wrote:
Thanks everyone for the useful tips, that helps a lot, which means I
may have to restructure some stuff.
Mostly, I think I was getting confused by the fact that with having
`index` and `admin_index` I ended up doing 2 different views, where
the difference was only whether or not to include an 'edit' link in
the list ... which all seemed redundant, because any small change I'd
make to one, I'd have to make to the other and seemed a bit more
efficient to have a single view with checks for if they have
permission or not.
Cheers
On Oct 31, 1:49 am, Adam Royle [EMAIL PROTECTED] wrote:
Admin routing as more useful in a CMS-style site where there are
clearly two distinct areas display of site data, and administering
site data, which both could differ greatly in controller view code,
rather than just acl permissions.
Hope that clears things up.
Cheers,
Adam
On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote:
Quick question as to what would be the best Cake-y setup:
So I've got a list of Users who can either be Admin, Editors, or
simply Members.
Members can edit their own profiles, but Admin can also edit anyone's
profile (at this point Editors are just normal Members with special
status).
When it comes to admin routing, should that only be used for strictly
Admins and not Members?
Ex:
/profiles/edit - what Members use and there's a check that the
profile matches with the member
/profiles/admin_edit - only Admin uses this.
And how would that all work with ACL? It seems like there's a wee bit
of overlap here.
How have people set this up?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
I've created some sites with multiple admin routes (i.e. members and admin) although only in 1.1 - there is an article about it in the bakery: http://bakery.cakephp.org/articles/view/using-cake_admin-for-multiple-user-types - it works very well. I seem to remember reading that this is built in in 1.2, but haven't tried this out yet - I imagine you would just specify an array of possible routes in /config/core.php, but I could be wrong - although it would be easy to find out... Personally I would see it as working in a complementary with permissions systems (ACL) so for instance you might specify a group with access to the admin methods, a group with access to members methods and then the methods that represent your public facing (and authentication free) site. So in a way it a just about keeping things nice and tidy. Use Auth to take care of a user login, but it is up to you to decide where to let somebody go once they have logged in - I would say that is what ACL is for. Maybe it is more an issue of philosophy - you need to find a way of working and structuring things that is good for you - even within the constraints of Cake there are often many ways of doing things. On Oct 28, 8:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Admin routing as more useful in a CMS-style site where there are clearly two distinct areas display of site data, and administering site data, which both could differ greatly in controller view code, rather than just acl permissions. Hope that clears things up. Cheers, Adam On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Admin routing and ACL are two different things, admin routing is just
a quick way to have some action not accessible from everybody with a
few efforts.
And from what i know (but it should be cheched) at least in Cake 1.2
there's
also the availability of some super_admin methods.
Anyway a nice advantage in using admin routing, in respect of making
your own
checks, is that you can do ONCE in the before_filter action of the
AppController
(the controller from which every other controller inherits) the check,
and
you have to check only one param of the request: 'admin'.
Here an example:
class AppController extends Controller{
.
function beforeFilter() {
// if admin pages are being requested
if(isset($this-params['admin'])){
if (!$this-Session-check('User')) {
// set flash message and redirect
$this-Session-setFlash('You need to be logged in to
access this area');
$this-redirect('/users/login/?redir='.$this-params['url']
['url'],true);
}
}
//If already logged in change the layout to admin
$this-layout='admin_theme';
}
.
}
Of course this method can be used only for simple and small
applications,
if you need more complex authentication and authorization, you should
consider
using Auth and ACL components.
Bye,
Andrea
On Oct 30, 7:51 pm, Brenton B [EMAIL PROTECTED] wrote:
Is the Admin routing intended as strictly for Root Admin? Or anyone
that can log in? just seems a bit vague.
On Oct 29, 11:54 am, Brenton B [EMAIL PROTECTED] wrote:
Essentially ... what makes the Admin Routing so special, and why
should I use it? What's the advantage over just having all the checks
in my own code? (ex: checks that they're logged in as admin and have
the right permissions)
On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote:
Quick question as to what would be the best Cake-y setup:
So I've got a list of Users who can either be Admin, Editors, or
simply Members.
Members can edit their own profiles, but Admin can also edit anyone's
profile (at this point Editors are just normal Members with special
status).
When it comes to admin routing, should that only be used for strictly
Admins and not Members?
Ex:
/profiles/edit - what Members use and there's a check that the
profile matches with the member
/profiles/admin_edit - only Admin uses this.
And how would that all work with ACL? It seems like there's a wee bit
of overlap here.
How have people set this up?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Thanks everyone for the useful tips, that helps a lot, which means I may have to restructure some stuff. Mostly, I think I was getting confused by the fact that with having `index` and `admin_index` I ended up doing 2 different views, where the difference was only whether or not to include an 'edit' link in the list ... which all seemed redundant, because any small change I'd make to one, I'd have to make to the other and seemed a bit more efficient to have a single view with checks for if they have permission or not. Cheers On Oct 31, 1:49 am, Adam Royle [EMAIL PROTECTED] wrote: Admin routing as more useful in a CMS-style site where there are clearly two distinct areas display of site data, and administering site data, which both could differ greatly in controller view code, rather than just acl permissions. Hope that clears things up. Cheers, Adam On Oct 29, 6:33 am, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Is the Admin routing intended as strictly for Root Admin? Or anyone that can log in? just seems a bit vague. On Oct 29, 11:54 am, Brenton B [EMAIL PROTECTED] wrote: Essentially ... what makes the Admin Routing so special, and why should I use it? What's the advantage over just having all the checks in my own code? (ex: checks that they're logged in as admin and have the right permissions) On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Admin + Members suggested setup??
Essentially ... what makes the Admin Routing so special, and why should I use it? What's the advantage over just having all the checks in my own code? (ex: checks that they're logged in as admin and have the right permissions) On Oct 28, 1:33 pm, Brenton B [EMAIL PROTECTED] wrote: Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Admin + Members suggested setup??
Quick question as to what would be the best Cake-y setup: So I've got a list of Users who can either be Admin, Editors, or simply Members. Members can edit their own profiles, but Admin can also edit anyone's profile (at this point Editors are just normal Members with special status). When it comes to admin routing, should that only be used for strictly Admins and not Members? Ex: /profiles/edit - what Members use and there's a check that the profile matches with the member /profiles/admin_edit - only Admin uses this. And how would that all work with ACL? It seems like there's a wee bit of overlap here. How have people set this up? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
