php - CakePHP role based auth


edit: version: 2.5.7

I'm trying to set up role-based authentication in CakePHP. So far I've managed to get authentication to work OK: controller access redirects to the login screen when not authenticated, and permits access when authenticated.

My problem comes when I want 'admin' level access to action methods (prefixed admin_), yet deny them to regular logins.

If I uncomment $this->Auth->authorize in beforeFilter, authentication works fine... comment it in, and I can't log in.

AppController

    public function isAuthorized() {
        // Allow admin_ actions only for users whose 'admin' field is set
        if (!empty($this->params['action']) && (strpos($this->params['action'], 'admin_') !== false)) {
            if ($this->Auth->user('admin')) {
                return true;
            }
        }
        return false;
    }

    public function beforeFilter() {
        $this->Auth->authorize = 'Controller';
        $this->Auth->deny(); // deny everything
    }

My dashboard controller is the first screen after a successful login. Its beforeFilter looks like this. Do I need to put a parent::isAuthorized call somewhere? Or when is the isAuthorized call made? I can tell it is firing, I'm just not sure why I get kicked to the login screen when I implement it.

Dashboard controller

    public function beforeFilter()
    {
        parent::beforeFilter();
    }

I kind of found a solution (of sorts).

The cookbook tells you this: http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html

(See under PostController.) You whitelist the actions you want regular logged-in users to see, and the parent isAuthorized handles the admin scenarios.

Dashboard controller

    public function isAuthorized($user) {
        // Actions any logged-in user may access
        $actions = array("stats", "index");
        if (in_array($this->action, $actions)) {
            return true;
        }
        // Everything else is decided by AppController
        return parent::isAuthorized($user);
    }

The problem with this approach is that it's pretty painful to have each of the controllers carry this sort of whitelist code. It feels ugly to me.
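
An added example, not part of the original post or the CakePHP cookbook: a plain-PHP model of the authorization decision that keeps the admin rule in one place instead of a whitelist per controller. `authorizeAction()` and the sample users are hypothetical; the `admin` user field and the `admin_` prefix are taken from the post.

```php
<?php
// Added example: plain-PHP model of the controller authorization decision.
// authorizeAction() and the sample users are hypothetical, not CakePHP API.

/**
 * Decide whether an already-authenticated user may run an action.
 * $user is the session user array, as Auth->user() returns it in CakePHP 2.x.
 */
function authorizeAction(array $user, $action, $adminPrefix = 'admin_')
{
    // Anchor the test at offset 0 so that only names starting with the
    // prefix count as admin actions; "!== false" would also match a name
    // that merely contains it, such as "list_admin_notes".
    $isAdminAction = strpos($action, $adminPrefix) === 0;

    if ($isAdminAction) {
        // Admin actions: only users whose 'admin' field is truthy.
        return !empty($user['admin']);
    }

    // Everything else: any logged-in user. The version in the question
    // fell through to "return false" here, which rejected every non-admin
    // action, including the dashboard reached right after login.
    return true;
}

// Constructed sample data.
$regular = array('id' => 2, 'username' => 'bob', 'admin' => false);
$admin   = array('id' => 1, 'username' => 'alice', 'admin' => true);

$cases = array(
    array($regular, 'index'),
    array($regular, 'stats'),
    array($regular, 'admin_edit'),
    array($admin,   'admin_edit'),
    array($admin,   'index'),
);

foreach ($cases as $case) {
    list($user, $action) = $case;
    printf(
        "%-6s %-12s %s\n",
        $user['username'],
        $action,
        authorizeAction($user, $action) ? 'allow' : 'deny'
    );
}
```

In a CakePHP 2.x AppController the same body would sit in isAuthorized($user) with $this->action as the action name, and a controller that needs tighter rules can still override it and call parent::isAuthorized($user). With this policy every action without the admin_ prefix is reachable by any logged-in user, so sensitive actions must carry the prefix.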

