Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4
Just in case you want to keep the controllers lean and all that authorize code out of it in a central file, you might be interested in taking a look at
http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/

I always like to code DRY and with clear responsibilities.

Mark

On Thursday, 25 September 2014 18:06:55 UTC+2, MarkB wrote:
> Actually, it wasn't the *beforeFilter*... I had actually also not set up the access rights in my various controllers *isAuthorized* functions
>
>     public function isAuthorized($user) {
>         if (in_array($this->action, array('dashboard','edit','etcetera'))) {
>             return true;
>         }
>         return parent::isAuthorized($user);
>     }
>
> *I know... RTFM.* *:)*
>
> On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:
>> I think you will need to refer to the passed $user argument as shown in the docs:
>> http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what
>>
>>     public function isAuthorized($user) {
>>         // Admin can access every action
>>         if (isset($user['role']) && $user['role'] === 'admin') {
>>             return true;
>>         }
>>         // Default deny
>>         return false;
>>     }

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups CakePHP group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4
I think you will need to refer to the passed $user argument as shown in the docs:
http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what

    public function isAuthorized($user) {
        // Admin can access every action
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true;
        }
        // Default deny
        return false;
    }
Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4
The truth is, I could never even get the blog tutorial authentication working for some reason, let alone the authorization, and so moved onto using some other code from a tutorial that someone else had done based upon the 'official' one and to extend it further. Which is how it got incorporated into my app.

I've just tried to use that 'official' code again, and it's working! I must have done something else wrong when doing the original tutorial that I fixed somehow.

The other thing I had also neglected to do was add or update the Auth part of my controllers *public function beforeFilter()*

Great! Saves me a lot of donkey work and frustration. Thanks for suggesting I get back to basics Dario :)

On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:
> I think you will need to refer to the passed $user argument as shown in the docs:
> http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what
>
>     public function isAuthorized($user) {
>         // Admin can access every action
>         if (isset($user['role']) && $user['role'] === 'admin') {
>             return true;
>         }
>         // Default deny
>         return false;
>     }
Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4
Actually, it wasn't the *beforeFilter*... I had actually also not set up the access rights in my various controllers *isAuthorized* functions

    public function isAuthorized($user) {
        if (in_array($this->action, array('dashboard','edit','etcetera'))) {
            return true;
        }
        return parent::isAuthorized($user);
    }

*I know... RTFM.* *:)*

On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:
> I think you will need to refer to the passed $user argument as shown in the docs:
> http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html#authorization-who-s-allowed-to-access-what
>
>     public function isAuthorized($user) {
>         // Admin can access every action
>         if (isset($user['role']) && $user['role'] === 'admin') {
>             return true;
>         }
>         // Default deny
>         return false;
>     }
Multiple role Authorization not working (based on tutorial) Cake 2.5.4
Hi,

I've done the blog tutorial and am working on my own app, an event booking system, which has user registration with two user roles - unsurprisingly called 'user' and 'admin'. :)

I want 'users' to be able to change their own details and book on an event, and 'admins' to be able to do the usual adminy things.

Authentication is working okay, but I can't get the authorisation element to work, using isAuthorized($user). If I log in as a non-admin user, I can still access the admin functions (by directly typing in the URL), all of which are prefixed with 'admin_'.

I've looked all over this forum and beyond, but I can't find a solution. Can anyone please take a look at my code and see where I might be going wrong? It's starting to drive me mad and I'm thinking of just sticking a simple 'is the user an admin?' within each and every admin function.

I've tried it with and without *Configure::write('Routing.prefixes', array('admin'));* in my app's *core.php*

(I've edited out non-relevant code for brevity)

*AppController.php*

    App::uses('Controller', 'Controller');

    class AppController extends Controller {

        public $components = array(
            'Session',
            'Auth' => array(
                'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
                'logoutRedirect' => array('controller' => 'pages', 'action' => 'home'),
                'authError' => 'You must be logged in to view this page.',
                'loginError' => 'Invalid username or password entered, please try again.',
                'authenticate' => array(
                    'Form' => array('passwordHasher' => 'Blowfish', array('fields' => array('username' => 'email',
                'authorize' => array('Controller')
        ));

        // pages that can be viewed without being logged in
        public function beforeFilter() {
            $this->Auth->allow('login','index','add','home');
        }

        // check to see logged-in user is an admin
        public function isAuthorized($user) {
            // Any registered user can access public functions
            if (empty($this->request->params['admin'])) {
                return true;
            }
            // Only admins can access admin functions
            if (isset($this->request->params['admin'])) {
                return (bool)($user['role'] === 'admin');
            }
            // Default deny
            return false;
        }
    }

*UsersController.php*

    App::uses('AppController', 'Controller');

    class UsersController extends AppController {

        public $helpers = array('Html', 'Form', 'Session');
        public $components = array('Session');

        public function beforeFilter() {
            parent::beforeFilter();
            $this->Auth->allow('login','index');
        }

        public function login() {
            // if we get the post information, try to authenticate
            if ($this->request->is('post')) {
                if ($this->Auth->login()) {
                    $this->Session->setFlash(__('Welcome, '. $this->Auth->user('fullname')));
                    $this->redirect($this->Auth->redirectUrl());
                } else {
                    $this->Session->setFlash(__('Invalid username or password'));
                }
            }
        }

        public function dashboard() {
            // code for dashboard stuff
        }

        // all the other code.
    }
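
An added example, not part of any post in this thread: the role check for 'admin_' actions written as a plain PHP function, so the decision table can be run without CakePHP. It treats an action as administrative when either the request's `admin` flag is set or the action name starts with `admin_`, and denies by default; the function name `isAuthorizedFor`, the parameter shapes and the sample requests are constructed for illustration.

```php
<?php
// Added example (not from the thread). $user mirrors the array passed to
// isAuthorized($user); $params mirrors $this->request->params.
// Both shapes and the function name are assumptions made for this sketch.

function isAuthorizedFor($user, array $params)
{
    $action = isset($params['action']) ? $params['action'] : '';

    // Administrative if the prefix flag is set OR the action name itself
    // carries the prefix, so the check does not rely on the flag alone.
    $isAdminAction = !empty($params['admin']) || strpos($action, 'admin_') === 0;

    if ($isAdminAction) {
        // Strict comparison: a missing or non-string role never matches.
        return isset($user['role']) && $user['role'] === 'admin';
    }

    // Non-admin actions: any authenticated user with a known role.
    if (isset($user['role']) && in_array($user['role'], array('user', 'admin'), true)) {
        return true;
    }

    // Default deny.
    return false;
}

// Constructed sample requests: label, user record, request params.
$cases = array(
    array('user -> dashboard',             array('role' => 'user'),  array('action' => 'dashboard')),
    array('user -> admin_edit (flag set)', array('role' => 'user'),  array('action' => 'admin_edit', 'admin' => true)),
    array('user -> admin_edit (no flag)',  array('role' => 'user'),  array('action' => 'admin_edit')),
    array('admin -> admin_edit (no flag)', array('role' => 'admin'), array('action' => 'admin_edit')),
    array('no role -> dashboard',          array(),                  array('action' => 'dashboard')),
);

foreach ($cases as $case) {
    list($label, $user, $params) = $case;
    printf("%-32s %s\n", $label, isAuthorizedFor($user, $params) ? 'allow' : 'deny');
}
```

The third case is the one a check keyed only on the `admin` request parameter would allow, because that parameter is empty there.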