Monday, November 30, 2009

Re: How use AUTH for two sections (admin eshop, client admin)

I've had to do something similar with users in different scopes being in completely different tables.

I handled it by first making sure all admin actions had admin => 1 in their urls.
Then in the app_controller's beforeFilter, I checked for an admin action.  If found, I initialized the Auth component with the appropriate user model and fields associated with the admin login.  If the requested action is not an admin action, I initialize the Auth component with the client user model and it's fields.

This app used controller-based authorization and not the built-in acls.  The same filtering can be done in the isAuthorized method.

Of course, you can have more than two realms as long as each additional one is associated with a prefix.

Jeff


On Mon, Nov 30, 2009 at 5:36 PM, Piotr Kilczuk <kilczuk@gmail.com> wrote:
Hi Petr,

> is any idea. How use AUTH for two admin sections?
> First: Admin section, when user log. can add new products, and other
> informations.
> Second: Client admin: user log. can shopping, do order, check
> order....
>
> I must use ACL or role in user and how i can do, when client login can
> view only views for orders, ... and admin user can use add products,
> kind.. but cant shopping..

Well, the most popular approach is simply to define roles for users.
It's up to you to make the check basing either on value of user record
(like varchar=string field with a value of, say, customer or admin) or
build an ACL powered permission system.

Pesonally I'd suggest to make it simple, without the headaches of
ACLs. The CakePHP ACL implementation is not as good as you could
expect and in such a simple situation it might be an overkill.

Regards,
Piotr (Petr as well)

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
 
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en

No comments: