Re: How use AUTH for two sections (admin eshop, client admin)

2009-12-01 Thread jodator
If I get it right you want Admin section and Client section?

If so:

If you try to use ACL based app
(http://book.cakephp.org/view/641/Simple-Acl-controlled-Application),
you create two tables: users and groups (plus rest from ACL component -
http://book.cakephp.org/view/641/Simple-Acl-controlled-Application).
Each user belongs to some group, so you could have simply two groups:
admins
clients

Now, you have to define ARO - ACO association
(http://book.cakephp.org/view/648/Setting-up-permissions):

$group =& $this->User->Group;
// Allow admins to everything
$group->id = 1;
$this->Acl->allow($group, 'controllers');

// Allow clients to shop
$group->id = 2;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/ShoppingCarts/edit');
$this->Acl->allow($group, 'controllers/ShoppingCarts/add');
// ... and so on

Actions visible for everyone (not logged in) are defined in
beforeFilter action in each controller:

function beforeFilter() {
  parent::beforeFilter(); // see Cake Book tutorial for explanation of this
  // allowedActions is a property of the Auth component, so assign the list
  $this->Auth->allowedActions = array('index', 'view');
}

Some actions (defined by you) will be then served only when someone is
logged in. All actions with prefix admin_ will be served only to
admin.

Very helpful tool for automated ACO's (simply controllers' and
plugins' actions): 
http://book.cakephp.org/view/647/An-Automated-tool-for-creating-ACOs

Add to it the tip about prefix routing and you should have nice URLs for
logged in users.


On Nov 25, 1:19 am, Petr Vytlačil  wrote:
> Hi,
> is any idea. How use AUTH for two admin sections?
> First: Admin section, when user log. can add new products, and other
> information.
> Second: Client admin: user log. can shopping, do order, check
> order
>
> I must use ACL or role in user and how I can do, when client login can
> view only views for orders, ... and admin user can use add products,
> kind.. but can't shopping..
>
> THX

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en


Re: How use AUTH for two sections (admin eshop, client admin)

2009-11-30 Thread Dave
In the beforeFilter in each controller you can specify

$this->Auth->userModel = "MODEL_NAME";

that way you can use two different tables separately.

On Mon, Nov 30, 2009 at 6:39 PM, Jeff Deroshia  wrote:

> I've had to do something similar with users in different scopes being in
> completely different tables.
>
> I handled it by first making sure all admin actions had admin => 1 in their
> urls.
> Then in the app_controller's beforeFilter, I checked for an admin action.
>  If found, I initialized the Auth component with the appropriate user model
> and fields associated with the admin login.  If the requested action is not
> an admin action, I initialize the Auth component with the client user model
> and its fields.
>
> This app used controller-based authorization and not the built-in acls.
>  The same filtering can be done in the isAuthorized method.
>
> Of course, you can have more than two realms as long as each additional one
> is associated with a prefix.
> http://book.cakephp.org/view/544/Prefix-Routing
>
> Jeff
>
>
> On Mon, Nov 30, 2009 at 5:36 PM, Piotr Kilczuk  wrote:
>
>> Hi Petr,
>>
>> > is any idea. How use AUTH for two admin sections?
>> > First: Admin section, when user log. can add new products, and other
>> > information.
>> > Second: Client admin: user log. can shopping, do order, check
>> > order
>> >
>> > I must use ACL or role in user and how I can do, when client login can
>> > view only views for orders, ... and admin user can use add products,
>> > kind.. but can't shopping..
>>
>> Well, the most popular approach is simply to define roles for users.
>> It's up to you to make the check basing either on value of user record
>> (like varchar=string field with a value of, say, customer or admin) or
>> build an ACL powered permission system.
>>
>> Personally I'd suggest to make it simple, without the headaches of
>> ACLs. The CakePHP ACL implementation is not as good as you could
>> expect and in such a simple situation it might be an overkill.
>>
>> Regards,
>> Piotr (Petr as well)



Re: How use AUTH for two sections (admin eshop, client admin)

2009-11-30 Thread Jeff Deroshia
I've had to do something similar with users in different scopes being in
completely different tables.

I handled it by first making sure all admin actions had admin => 1 in their
urls.
Then in the app_controller's beforeFilter, I checked for an admin action.
 If found, I initialized the Auth component with the appropriate user model
and fields associated with the admin login.  If the requested action is not
an admin action, I initialize the Auth component with the client user model
and its fields.

This app used controller-based authorization and not the built-in acls.  The
same filtering can be done in the isAuthorized method.

Of course, you can have more than two realms as long as each additional one
is associated with a prefix.
http://book.cakephp.org/view/544/Prefix-Routing

Jeff
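
The realm switch described above, written out for CakePHP 1.x as an added example (not code from this thread or from the CakePHP project). The Administrator and Client models, their controllers, the email/password columns and the $realms property are assumptions.

```php
<?php
// app/app_controller.php (CakePHP 1.x). Added example; all model, controller
// and column names below are assumed for illustration.
class AppController extends Controller {
    var $components = array('Auth');

    // Hypothetical realm table: routing prefix => user model and login controller.
    // The empty key stands for requests without a prefix (the client side).
    var $realms = array(
        'admin' => array('model' => 'Administrator', 'controller' => 'administrators'),
        ''      => array('model' => 'Client',        'controller' => 'clients'),
    );

    function beforeFilter() {
        // Prefix routing sets params['prefix'] for admin_* actions.
        $prefix = empty($this->params['prefix']) ? '' : $this->params['prefix'];
        if (!isset($this->realms[$prefix])) {
            // Unknown prefix: fail closed instead of falling back to the client realm.
            $this->cakeError('error404');
        }
        $realm = $this->realms[$prefix];

        $this->Auth->userModel = $realm['model'];
        $this->Auth->fields = array('username' => 'email', 'password' => 'password');
        // One session key per realm, so a client login never satisfies
        // the check made for an admin_* action (and the other way round).
        $this->Auth->sessionKey = 'Auth.' . $realm['model'];
        $this->Auth->loginAction = array(
            'controller' => $realm['controller'],
            'action'     => 'login',
            'admin'      => ($prefix === 'admin'),
        );
        $this->Auth->authorize = 'controller'; // Auth will call isAuthorized()
    }

    function isAuthorized() {
        // Auth has already looked up the session key of this request's realm;
        // authorize only if that lookup produced a user record.
        return (bool)$this->Auth->user();
    }
}
```

Because each realm has its own session key, one browser can be logged in to both sides at once, and logging out of one does not end the other session.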


On Mon, Nov 30, 2009 at 5:36 PM, Piotr Kilczuk  wrote:

> Hi Petr,
>
> > is any idea. How use AUTH for two admin sections?
> > First: Admin section, when user log. can add new products, and other
> > information.
> > Second: Client admin: user log. can shopping, do order, check
> > order
> >
> > I must use ACL or role in user and how I can do, when client login can
> > view only views for orders, ... and admin user can use add products,
> > kind.. but can't shopping..
>
> Well, the most popular approach is simply to define roles for users.
> It's up to you to make the check basing either on value of user record
> (like varchar=string field with a value of, say, customer or admin) or
> build an ACL powered permission system.
>
> Personally I'd suggest to make it simple, without the headaches of
> ACLs. The CakePHP ACL implementation is not as good as you could
> expect and in such a simple situation it might be an overkill.
>
> Regards,
> Piotr (Petr as well)



Re: How use AUTH for two sections (admin eshop, client admin)

2009-11-30 Thread Piotr Kilczuk
Hi Petr,

> is any idea. How use AUTH for two admin sections?
> First: Admin section, when user log. can add new products, and other
> information.
> Second: Client admin: user log. can shopping, do order, check
> order
>
> I must use ACL or role in user and how I can do, when client login can
> view only views for orders, ... and admin user can use add products,
> kind.. but can't shopping..

Well, the most popular approach is simply to define roles for users.
It's up to you to make the check basing either on value of user record
(like varchar=string field with a value of, say, customer or admin) or
build an ACL powered permission system.

Personally I'd suggest to make it simple, without the headaches of
ACLs. The CakePHP ACL implementation is not as good as you could
expect and in such a simple situation it might be an overkill.

Regards,
Piotr (Petr as well)
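
A role-field check along the lines suggested above, as an added example for CakePHP 1.x (not code from this thread or from the CakePHP project). The role column, its admin/customer values, the controller names and the $permissions table are assumptions.

```php
<?php
// app/app_controller.php (CakePHP 1.x). Added example; the users.role column,
// its values and the controller/action names are assumed for illustration.
class AppController extends Controller {
    var $components = array('Auth');

    // Hypothetical permission table: role => controller => allowed actions.
    // '*' means every action of that controller. Anything not listed is denied.
    var $permissions = array(
        'admin' => array(
            'products' => array('*'),
            'orders'   => array('admin_index', 'admin_view'),
        ),
        'customer' => array(
            'shopping_carts' => array('add', 'edit', 'view'),
            'orders'         => array('add', 'index', 'view'),
        ),
    );

    function beforeFilter() {
        // Controller-based authorization: Auth calls isAuthorized() for every
        // logged-in request to an action that is not public.
        $this->Auth->authorize = 'controller';
    }

    function isAuthorized() {
        $role       = $this->Auth->user('role');   // null if the column is empty
        $controller = $this->params['controller']; // e.g. 'shopping_carts'
        $action     = $this->params['action'];     // e.g. 'admin_index'

        // admin_* actions are closed to every other role, whatever the table says.
        if (!empty($this->params['admin']) && $role !== 'admin') {
            return false;
        }
        // Deny by default: unknown role or unlisted controller.
        if (!isset($this->permissions[$role][$controller])) {
            return false;
        }
        $allowed = $this->permissions[$role][$controller];
        return in_array('*', $allowed, true) || in_array($action, $allowed, true);
    }
}
```

The table gives the admin role no entry for shopping_carts, which matches the requirement in the question that an admin can add products but cannot shop.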



How use AUTH for two sections (admin eshop, client admin)

2009-11-24 Thread Petr Vytlačil
Hi,
is any idea. How use AUTH for two admin sections?
First: Admin section, when user log. can add new products, and other
information.
Second: Client admin: user log. can shopping, do order, check
order

I must use ACL or role in user and how I can do, when client login can
view only views for orders, ... and admin user can use add products,
kind.. but can't shopping..

THX
