Tuesday, May 26, 2009

Are admin routes worthwhile? No automagic with Auth

Hi All,

This is a general question - I have read the manual, and got the code
working.

In my app I have a need for some admin functions e.g. reset password
and change user status (banned/vip etc).

So I set up admin prefix routing by uncommenting
Configure::write('Routing.admin', 'admin'); in core and created new
actions: admin_chg_pass, and admin_edit in my Users controller. I also
created the views for the actions, and everything works nicely.

To restrict access to these functions I added an isAuthorized function
(using Auth) to check for role=='admin', and used
$this->Auth->authorize='controller' in the Users controller. All this is
straight from the manual, and works correctly: only admins can access
the functions.

My question is why use admin routing at all? Because I have to code
the isAuthorized function, with the names of the actions that must be
restricted in each controller, I don't see where admin routing is
adding any benefit. I could write the same functions (same or
different names), use the same Auth functionality, and get the same
outcome.

It would be fantastic if cake automagically restricted admin_* actions
to role='admin' on the users table (with the usual override/config
options). I could write that myself in the App_controller I guess, but
I want to leverage cake as much as possible.

In fact admin routing seems to complicate things where the admin also
needs to use 'normal' functions because the url automatically gets
prefixed, but there is no admin_xxxx action only xxxx which leads to
missing action errors.

My layout code can also decide what menus etc to display by checking
role too, rather than having different layout files.

Because everything in cake is so well designed, I am sure admin prefix
routing is the right strategy, and my dumb brain is the problem. Could
someone please help me understand what the benefits are?

Thanks,
Sid.
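
The central check the post says could be written in the app controller, as an added example that is not part of the original message or CakePHP's own code. It assumes CakePHP 1.2 conventions (`app/app_controller.php`, `Auth` with `authorize = 'controller'`) and the `role` column on the users table that the post describes.

```php
<?php
// app/app_controller.php (CakePHP 1.2 file layout assumed)
class AppController extends Controller {
    var $components = array('Auth');

    function beforeFilter() {
        // Send every authorization decision through isAuthorized() below,
        // so individual controllers do not keep their own action lists.
        $this->Auth->authorize = 'controller';
    }

    // Called by AuthComponent for a logged-in user; returning false denies.
    function isAuthorized() {
        // The prefix from core.php ('admin' in the post). When it is not
        // configured there are no prefixed actions to protect.
        $prefix = Configure::read('Routing.admin');
        if (empty($prefix)) {
            return true;
        }

        // With prefix routing, /admin/users/edit dispatches to admin_edit,
        // so the action name itself says whether the request is privileged.
        $isAdminAction = strpos($this->action, $prefix . '_') === 0;
        if (!$isAdminAction) {
            return true; // normal action: any authenticated user
        }

        // Fail closed: a missing or unexpected role is not admin.
        return $this->Auth->user('role') === 'admin';
    }
}

// Caveats for controllers that extend this class:
//  - a controller with its own beforeFilter() must call
//    parent::beforeFilter(), or authorize is never set there;
//  - actions passed to $this->Auth->allow() skip isAuthorized()
//    entirely, so admin_* actions must never appear in allow().
```

With this in place the prefix carries the policy: naming an action `admin_*` is what restricts it, and a controller only overrides `isAuthorized()` when it needs a stricter rule.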
