Re: Many-to-many ACL
On Friday, 2 November 2012 06:57:13 UTC+7, Daniel Hdez wrote: Hello, hey i have the same problem, do you find a solution yet? greetings! :) If you read the thread, you'll find the solution in front of you :p -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Many-to-many ACL
Hello, hey i have the same problem, do you find a solution yet? greetings! :) -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Many-to-many ACL
Or you can use this plugin: https://github.com/ceeram/Authorize and set AuthComponent up with HabtmDbAclAuthorize Op maandag 21 mei 2012 14:35:32 UTC+2 schreef rahajiyev het volgende: On May 16, 1:23 am, Justin Edwards justinledwa...@gmail.com wrote: To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 16, 1:23 am, Justin Edwards justinledwa...@gmail.com wrote: To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nevermind, I think I got Oracle working with 2.1 thanks to this tutorial and a bit more thumb twiddling: http://www.hassanbakar.com/2012/01/09/using-oracle-in-cakephp-2-0/comment-page-1/#comment-38958 At the very least I could get pagination working. On May 21, 5:35 pm, rahajiyev rahaji...@bankofbaku.com wrote: On May 16, 1:23 am, Justin Edwards justinledwa...@gmail.com wrote: To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... Does tinyauthdb work with Cake 1.3? I need 1.3 for its Oracle support. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried adding joins in my User model beforeFind():
public function beforeFind(array $query) {
$query['joins'] = array(
array(
'table' = 'roles_users',
'alias' = 'RolesUser',
'type' = 'INNER',
'conditions' =
array('Milli.id=RolesUser.user_id')),
array(
'table' = 'roles',
'alias' = 'Role',
'type' = 'INNER',
'conditions' =
array('RolesUser.role_id=Role.id')));
return $query;
}
Now Model::find() correctly does receives the join info:
/lib/Cake/Model/Model.php (line 2676)
array(
'conditions' = array(
'Milli.username' = 'rihad',
'Milli.password' = '17bce4ac9c39019189b7bba280af55de9fe1d9a7'
),
'fields' = null,
'joins' = array(
(int) 0 = array(
'table' = 'roles_users',
'alias' = 'RolesUser',
'type' = 'INNER',
'conditions' = array(
(int) 0 = 'Milli.id=RolesUser.user_id'
)
),
(int) 1 = array(
'table' = 'roles',
'alias' = 'Role',
'type' = 'INNER',
'conditions' = array(
(int) 0 = 'RolesUser.role_id=Role.id'
)
)
),
'limit' = (int) 1,
'offset' = null,
'order' = array(
(int) 0 = null
),
'page' = (int) 1,
'group' = null,
'callbacks' = true,
'recursive' = (int) 2
But the User is still fetched with Role side by side, so
BaseAuthenticate ignores Role.
array(
(int) 0 = array(
'Milli' = array(
'password' = '*',
'id' = (int) 6,
'username' = 'rihad',
'password_expiration' = null,
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-18 10:14:07',
'last_accessed' = null
),
'Role' = array(
(int) 0 = array(
'id' = (int) 1,
'alias' = 'operations',
'RolesUser' = array(
'id' = (int) 6,
'role_id' = (int) 1,
'user_id' = (int) 6
)
)
)
)
)
I'm expecting Role to be nested inside Milli, or something like that.
Please help, it's a SNAFU, I've invested too much of my limited time
to get the job done, it's too late to go looking for a working
framework :( I admit that it's probably a misconfiguration from my
part. But I can't fix it.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
OK, I've worked around this deficiency by doing 2 things:
(1) added 'recursive' = 1 to AuthI
public $components = array(
'Auth' = array(
'authenticate' = array('Form' =
array('userModel' = 'Milli', 'recursive' = 1)),
(2) writing afterFind() callback in my model:
public function afterFind(array $query) {
if (count($query) == 1) {
# single result fetched
$record = $query[0];
if (isset($record['Role'])
is_array($record['Role'])) {
$roles = array();
foreach ($record['Role'] as $role)
$roles[] = $role['RolesUser']
['role_id'];
$record[$this-alias]['Role'] =
$roles;
unset($record['Role']);
}
}
return $query;
}
You bet this is ugly! But works.
There's one small problem, though. When I remove currently logged in
user's role to access a specific resource, he can still do so. Looks
like authorize() accesses Session data, and Session has active user
roles cached.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Thanks, Justin. But now I'm getting You are not authorized to access
that location. flash error and kicked back to /login. In
AuthComponent's authorize() I could see that it's attempting to access
$user[$this-settings['aclModel']])
and failing that triggers error:
Notice (1024): Missing acl information (Role/role_id) in user session
[APP/Controller/Component/Auth/TinyAuthorize.php, line 78]
settings['aclModel'] is 'Role' as per default so it basically tries
$user-['Role']
My $user looks like this:
array(
'id' = (int) 6,
'username' = 'rihad',
'role' = 'can-do-this',
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-17 10:39:17',
)
it indeed lacks 'Role' field. Should I simply change $this-
authorize['aclModel'] = 'Role' ?
I have this in Config/core.php:
Configure::write('Role', array(
'can-do-this' = 1,
'can-do-that = 2,
));
to emulate a missing table.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
In AuthComponent's authorize() I could see that it's attempting to access $user[$this-settings['aclModel']]) I meant to say TinyAuthorize's authorize(). -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
OK, so I changed 'Role' to 'role' in Configure::write and it seems to work. I'm able to log in, and access an action that my role is permitted to access (as per acl.ini). But a strange thing happens when I attempt to access an action that I'm not permitted to. Instead of redirecting me to the /login page due to inappropriate permissions, I get silently redirected to / which I AM permitted to access. What's going on? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Do I still need to use a many-to-many roles_users table if I want each user to possess multiple roles? How do I go about that? Unfortunately this tutorial doesn't go into much detail: http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Ok, so I created two more tables:
roles:
id int primary key;
name varchar;
roles_users:
id int primary key;
role_id foreign key roles(id);
user_id foreign key users(id);
and authorization automagically figures out where to allow the
currently logged in user.
But there's one thing. When paginating list of users, how can I get at
the user's roles? User model hasAndBelongsToMany('Role') but still
role information isn't included.
public function index() {
$this-User-recursive = 0;
$this-set('users', $this-paginate());
}
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nope it doesn't work :(
authorize() in TinyAuthorize receives $user that lacks any joins to
roles table:
array(
'id' = (int) 6,
'username' = 'rihad',
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-17 16:36:24',
)
so of course it can't find $user['Role']
Here's my user class:
class Milli extends AppModel {
public $hasAndBelongsToMany = array(
'Role' = array(
'className' = 'Role',
'joinTable' =
'roles_users',
'foreignKey'= 'user_id',
'assosciationForeignKey'= 'role_id',
'unique'=
'keepExisting'));
}
class Role is empty.
class MilliController extends AppController
public $components = array(
'Session',
'Auth' = array(
'loginRedirect' = array('controller' =
'milli', 'action' = 'index'),
'logoutRedirect' = array('controller' =
'milli', 'action' = 'index'),
'authenticate' = array('Form' =
array('userModel' = 'Milli')),
'authorize' = array('Tiny' =
array('aclModel' = 'Role')),
'loginAction' = array('controller' =
'milli', 'action' = 'login')));
public function beforeFilter() {
$this-Auth-allow('login', 'logout');
}
Please help...
On May 17, 11:53 am, rahajiyev rahaji...@bankofbaku.com wrote:
OK, so I changed 'Role' to 'role' in Configure::write and it seems to
work. I'm able to log in, and access an action that my role is
permitted to access (as per acl.ini).
But a strange thing happens when I attempt to access an action that
I'm not permitted to. Instead of redirecting me to the /login page due
to inappropriate permissions, I get silently redirected to / which I
AM permitted to access. What's going on?
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've never tried to make the User model be named anything else. I have
users and roles many to many on both sides though.
https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model
https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.php
https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php
On Thu, May 17, 2012 at 6:50 AM, rahajiyev rahaji...@bankofbaku.com wrote:
Nope it doesn't work :(
authorize() in TinyAuthorize receives $user that lacks any joins to
roles table:
array(
'id' = (int) 6,
'username' = 'rihad',
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-17 16:36:24',
)
so of course it can't find $user['Role']
Here's my user class:
class Milli extends AppModel {
public $hasAndBelongsToMany = array(
'Role' = array(
'className' = 'Role',
'joinTable' =
'roles_users',
'foreignKey'= 'user_id',
'assosciationForeignKey'= 'role_id',
'unique'=
'keepExisting'));
}
class Role is empty.
class MilliController extends AppController
public $components = array(
'Session',
'Auth' = array(
'loginRedirect' = array('controller' =
'milli', 'action' = 'index'),
'logoutRedirect' = array('controller' =
'milli', 'action' = 'index'),
'authenticate' = array('Form' =
array('userModel' = 'Milli')),
'authorize' = array('Tiny' =
array('aclModel' = 'Role')),
'loginAction' = array('controller' =
'milli', 'action' = 'login')));
public function beforeFilter() {
$this-Auth-allow('login', 'logout');
}
Please help...
On May 17, 11:53 am, rahajiyev rahaji...@bankofbaku.com wrote:
OK, so I changed 'Role' to 'role' in Configure::write and it seems to
work. I'm able to log in, and access an action that my role is
permitted to access (as per acl.ini).
But a strange thing happens when I attempt to access an action that
I'm not permitted to. Instead of redirecting me to the /login page due
to inappropriate permissions, I get silently redirected to / which I
AM permitted to access. What's going on?
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help
others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group
at http://groups.google.com/group/cake-php
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 17, 7:34 pm, Justin Edwards justinledwa...@gmail.com wrote: I've never tried to make the User model be named anything else. I have users and roles many to many on both sides though. https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.phphttps://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php Thanks. Mark said that too small recursive might be an issue, although its default setting of 1 should be enough to reach the roles. This looks like the most probable reason because TinyAuthorize::authorize() receives plain $user with no joins. I'll check that tomorrow. I'll also try adding the other side of HABTM to Role. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried copying auth stuff to User, and modified routes accordingly, it didn't help. User is a prefixed (/admin) controller for creating operators that will be using the app based on their roles in non-prefixed URLs. The authentication of /admin itself happens in Apache. The creator of operators through CRUD doesn't need to use the app itself. On May 17, 7:34 pm, Justin Edwards justinledwa...@gmail.com wrote: I've never tried to make the User model be named anything else. I have users and roles many to many on both sides though. https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role.phphttps://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/User.php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I've tried increasing recursive in my Auth settings:
public $components = array(
'Session',
'Auth' = array(
'authenticate' = array('Form' =
array('userModel' = 'Milli', 'recursive' = 1)),
'authorize' = array('Tiny' =
array('aclModel' = 'Role')),
And now _findUser() in BaseAuthenticate.php indeed starts fetching the
user deeply with its Role.
array(
'Milli' = array(
'password' = '*',
'id' = (int) 6,
'username' = 'rihad',
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-18 10:14:07'
),
'Role' = array(
(int) 0 = array(
'id' = (int) 1,
'alias' = 'operations',
'RolesUser' = array(
'id' = (int) 6,
'role_id' = (int) 1,
'user_id' = (int) 6
)
)
)
)
But TinyAuth still is getting the shallow user in its authorize().
array(
'id' = (int) 6,
'username' = 'rihad',
'created' = '2012-05-15 16:30:10',
'modified' = '2012-05-18 10:14:07',
)
What's going on? The session (/tmp/sess_* files) is lacking the Role
stuff.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I tracked down the issue to BaseAuthenticate::_findUser() Even though it correctly joins user table to roles and fetches them both, Role isn't nested in user, so to speak: $result is: array( 'Milli' = array( 'id' = (int) 6, 'username' = 'rihad', 'created' = '2012-05-15 16:30:10', 'modified' = '2012-05-18 10:14:07', ), 'Role' = array( (int) 0 = array( 'id' = (int) 1, 'alias' = 'operations', 'RolesUser' = array( 'id' = (int) 6, 'role_id' = (int) 1, 'user_id' = (int) 6 ) ) ) ) so when _findUser() returns $result[$model] back to FormAuthenticate, all it gets is: array( 'id' = (int) 6, 'username' = 'rihad', 'created' = '2012-05-15 16:30:10', 'modified' = '2012-05-18 10:14:07', ) What should I do? I'm sure it's a misconfiguration because folks have probably used TinyAuthorize with HABTM roles. On May 17, 8:33 pm, rihad ri...@mail.ru wrote: I've tried copying auth stuff to User, and modified routes accordingly, it didn't help. User is a prefixed (/admin) controller for creating operators that will be using the app based on their roles in non-prefixed URLs. The authentication of /admin itself happens in Apache. The creator of operators through CRUD doesn't need to use the app itself. On May 17, 7:34 pm, Justin Edwards justinledwa...@gmail.com wrote: I've never tried to make the User model be named anything else. I have users and roles many to many on both sides though. https://github.com/justinledwards/tinyauthdb/tree/2.1/app/Model https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Model/Role -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I should probably specify manual joins required for HABTM relations, as described in the docs (see Joining Tables towards the end). But how do I tweak the joins? AFAIK they can only be specified in the find() calls, and those are performed internally by the Auth subsystem. So what should I do? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Thanks, I'm trying to use it. Something strange is going on (probably
unrelated to the TinyAuth plugin).
When I visit the root of the site (http://example.org/) I expect Cake
to redirect to operators/login, but it instead gets me to users/login.
There IS a UsersController, but it's prefixed under /admin like this:
Router::connect('/admin', array('controller' = 'users', 'action' =
'index', 'admin' = true));
Here's my Controller/OperatorsController.php:
class OperatorsController extends AppController # (AppController is
empty)
{
public $components = array(
'Session',
'Auth' = array(
'loginRedirect' = array('controller' =
'operators', 'action' = 'index'),
'logoutRedirect' = array('controller' =
'operators', 'action' = 'index')));
public function beforeFilter() {
parent::beforeFilter();
$this-Auth-allow('login', 'logout');
}
public function login() {
if ($this-request-isPost()) {
if ($this-Auth-login()) {
$this-redirect($this-Auth-
redirect());
} else {
$this-Session-setFlash(__('Invalid
username or password, try again'));
}
}
}
public function logout() {
$this-redirect($this-Auth-logout());
}
public function index() {
}
}
Here.s my Config/routes.php
Router::connect('/', array('controller' = 'operators',
'action' = 'index'));
Router::connect('/admin', array('controller' = 'users',
'action' = 'index', 'admin' = true));
Router::connect('/:action', array('controller' =
'operators'));
#Router::connect('/pages/*', array('controller' = 'pages',
'action' = 'display'));
CakePlugin::routes();
require CAKE . 'Config' . DS . 'routes.php';
Can you tell me why it keeps throwing me to an unrelated users/login?
I'm not even accessing that controller.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
I could narrow this down to these lines:
public $components = array(
'Session',
'Auth' = array(
'loginRedirect' = array('controller' =
'operators', 'action' = 'index'),
'logoutRedirect' = array('controller' =
'operators', 'action' = 'index')));
public function beforeFilter() {
parent::beforeFilter();
$this-Auth-allow('login', 'logout');
}
if I remove them, the strange redirect example.org/ = example.org/
users/login does not happen.
What's going on?
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Nothing's better than reading Cake code :-p In ../lib/Cake/Controller/Component/AuthComponent.php: public $loginAction = array( 'controller' = 'users', 'action' = 'login', 'plugin' = null ); So users is hardcoded... -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Now I cannot authenticate. Just simple authentication only for now.
AFAIK Auth is supposed to automagically check columns username
password in the table. Yet it doesn't work. Here's what I do: visit
example.org/, get redirected to example.org/login, enter valid
username pass, and get the same login URL with flash error: Invalid
username or password, try again. No SQL queries get logged as far as
I can tell (debug0).
Model/Milli.php is empty
class MilliController extends AppController
{
public $paginate = array('limit' = 5);
public $components = array(
'Session',
'Auth' = array(
'loginRedirect' = array('controller' =
'milli', 'action' = 'index'),
'logoutRedirect' = array('controller' =
'milli', 'action' = 'index'),
'authenticate' = array('Form'),
'loginAction' = array('controller' =
'milli', 'action' = 'login')));
public function beforeFilter() {
#parent::beforeFilter();
$this-Auth-allow('login', 'logout');
#$this-Auth-allow('*');
}
public function login() {
if ($this-request-isPost()) {
if ($this-Auth-login()) {
$this-redirect($this-Auth-
redirect());
} else {
$this-Session-setFlash(__('Invalid
username or password, please try again'));
}
}
}
public function logout() {
$this-redirect($this-Auth-logout());
}
public function index() {
}
}
View/Milli/login.ctp:
div class=users form
?php echo $this-Session-flash('auth'); ?
?php echo $this-Form-create('Milli');?
fieldset
legend?php echo __('Please enter your username and
password'); ?/legend
?php
echo $this-Form-input('username');
echo $this-Form-input('password');
?
/fieldset
?php echo $this-Form-end(__('Login'));?
/div
Config/routes.php:
Router::connect('/', array('controller' = 'milli', 'action'
= 'index'));
Router::connect('/:action', array('controller' = 'milli'));
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Here's what PostgreSQL logs when I click the Login button as above: 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0001: SET search_path TO public 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0001 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0002: SELECT table_name as name FROM INFORMATION_SCHEMA.tables WHERE table_schema = $1 2012-05-16 17:00:03 AZST DETAIL: parameters: $1 = 'public' 2012-05-16 17:00:03 AZST LOG: execute pdo_stmt_0003: SELECT DISTINCT table_schema AS schema, column_name AS name, data_type AS type, is_nullable AS null, column_default AS default, ordinal_position AS position, character_maximum_length AS char_length, character_octet_length AS oct_length FROM information_schema.columns WHERE table_name = $1 AND table_schema = $2 ORDER BY position 2012-05-16 17:00:03 AZST DETAIL: parameters: $1 = 'users', $2 = 'public' 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0003 2012-05-16 17:00:03 AZST LOG: statement: DEALLOCATE pdo_stmt_0002 Apparently it doesn't attempt to query users table itself. But if I remove the users table clicking login barfs that table users does not exist, so there's something else stopping it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
Bingo! By reading the source of AuthComponent and sprinkling
debug($var); exit; here and there I tracked after its construction
that $this-_authenticateObjects looked like this:
array(
(int) 0 = object(FormAuthenticate) {
settings = array(
'fields' = array(
'password' = '*',
'username' = 'username'
),
'userModel' = 'Users',
'scope' = array(),
'recursive' = (int) 0
)
}
)
The model was still Users! So a change was trivial:
in MilliController.php.:
changed'authenticate' = array('Form' ),
to this: 'authenticate' = array('Form' =
array('userModel' = 'Milli')),
for now the logging in passes through.
The docs for auth are severely lacking.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php
Re: Many-to-many ACL
On May 16, 1:23 am, Justin Edwards justinledwa...@gmail.com wrote: http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest... To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... I'm having a hard time choosing the right place for this code. Where do I put it cleanly? I tried dropping it off in Plugin/ but Cake won't find it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
app/Controller/Component/Auth On Wed, May 16, 2012 at 11:29 AM, rihad ri...@mail.ru wrote: On May 16, 1:23 am, Justin Edwards justinledwa...@gmail.com wrote: http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest... To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/... I'm having a hard time choosing the right place for this code. Where do I put it cleanly? I tried dropping it off in Plugin/ but Cake won't find it. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Many-to-many ACL
Hi. I need users to belong to more than one role. Like Can-do-this, Can-do-that, etc. I think a many-to-many relationship fits this need. Like this (in pseudo-sql) table users: id int primary key; name varchar; table roles: id int primary key; name varchar; table roles_users: id int primary key; user_id foreign key users(id); role_id foreign key roles(id); So each user can have multiple roles listed in roles_users. I looked at the ACL tutorial: http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html but it only makes use of a single group_id. Cake's Auth subsystem looks fine to me. Can I use it with multiple roles described above? Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Re: Many-to-many ACL
http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ To DB https://github.com/justinledwards/tinyauthdb/blob/2.1/app/Controller/Component/Auth/TinyAuthorize.php On Tue, May 15, 2012 at 1:47 PM, rihad ri...@mail.ru wrote: Hi. I need users to belong to more than one role. Like Can-do-this, Can-do-that, etc. I think a many-to-many relationship fits this need. Like this (in pseudo-sql) table users: id int primary key; name varchar; table roles: id int primary key; name varchar; table roles_users: id int primary key; user_id foreign key users(id); role_id foreign key roles(id); So each user can have multiple roles listed in roles_users. I looked at the ACL tutorial: http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html but it only makes use of a single group_id. Cake's Auth subsystem looks fine to me. Can I use it with multiple roles described above? Thanks. -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
