$this->authorize = 'controller' instead of $this->Auth->authorize =
'controller'. It works fine now.
Thanks for responding, though.
On Mar 26, 4:45 pm, nurvzy <nur...@gmail.com> wrote:
> isAuthorized() is only called if the action is not already allowed
> $this->Auth->allow('action_name'). In the controller you want to lock
> down do you have something along the lines of $this->Auth->allow('*')
> in your beforeFilter?
>
> Hope that helps,
> Nick
>
> On Mar 26, 1:45 pm, cricket <zijn.digi...@gmail.com> wrote:
>
> > In AppController, I have:
>
> > $this->authorize = 'controller';
>
> > I have several types of Users, each with a 'model' field set. I'd like
> > to bar certain types of Users from accessing the forum. In
> > ForumSectionsController, I have:
>
> > function isAuthorized()
> > {
> > return $this->Auth->user('admin') || $this->Auth->user('model') ==
> > 'Member';
>
> > }
>
> > But other types of Users can gain access. Am I misunderstanding the
> > point of isAuthorized()? Is it only meaningful in UsersController?
>
> > I also tried playing with $this->Auth->userScope in the controller's
> > beforeFilter() but no dice thus far.
>
>
Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
To unsubscribe from this group, send email to cake-php+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
No comments:
Post a Comment