1. users_controller.php
class UsersController extends AppController {
    /* 01 http://book.cakephp.org/view/52/name
       The $name attribute should be set to the name of the controller.
       Usually this is just the plural form of the primary model the
       controller uses.
       It will be singularized, underscored and then be used to open the
       table ??
    */
    var $name = 'Users';
    var $helpers = array('Html', 'Form', 'Javascript', 'Ajax');
    var $components = array('RequestHandler');
    // var $components = array('RequestHandler', 'Auth');
    // Auth is not necessary here anymore, it was declared in app_controller already

    function login() {
        // items commented as suggested
    }

    function logout() {
        //00 http://book.cakephp.org/view/643/Preparing-to-Add-Auth
        //00 Leave empty for now. now = when initializing aros, acos, groups and users the first time
        //05 http://book.cakephp.org/view/327/Simple-User-Authentication
        //05 Redirect users to this action if they click on a Logout button.
        //05 All we need to do here is trash the session information:
        //05 And we should probably forward them somewhere, too...
        $this->Session->delete('User');
        //00 http://book.cakephp.org/view/650/Logout
        //00 next two lines were added after groups/build_acl, and users/initDB were visited in browser's URL field
        $this->Session->setFlash('Good-Bye');
        $this->redirect($this->Auth->logout());
    }

    function beforeFilter() {
        parent::beforeFilter();
        // should display nothing (even if http://localhost/groups/index or
        // http://localhost/groups/view/2 is typed by guest at browser's URL field),
        // letting Acl take over authentication ...
        $this->Auth->allowedActions = array('index', 'view');
    }
}
2. app_controller.php
class AppController extends Controller {
    /* references :
    //00 http://book.cakephp.org/view/643/Preparing-to-Add-Auth;
    //00 http://book.cakephp.org/view/646/Creating-ACOs;
    //01 http://lemoncake.wordpress.com/2007/07/19/using-authcomponent-and-acl-in-cakephp-12/
    //02 http://www.littlehart.net/atthekeyboard/2007/09/11/a-hopefully-useful-tutorial-for-using-cakephps-auth-component/
    //03 http://www.honk.com.au/index.php/2009/10/13/debugging-cakephp-auth-component/
    //04 http://www.studiocanaria.com/articles/cakephp_auth_component_users_groups_permissions_revisited
    //01 It is very important that you include the AclComponent before the
    AuthComponent otherwise you will get this funky error message. Fatal
    error: Call to a member function check() on a non-object in
    /var/www/geoff/cake/cake/libs/controller/components/acl.php on line 87
    The reason for this is that Components are started in the order they
    appear in the $components list, and the AuthComponent does all its
    magic at startup, so when Auth tries to use Acl::check() there is no
    Acl.
    mark_story :
    originally (circa buildAcl) : $components = array('Auth', 'Acl')
    changed to (circa build_acl) : $components = array('Acl', 'Auth')
    but there was no mention of his reversing to Acl, Auth order in the
    cake manual
    //01
    */
    var $helpers = array('Html', 'Csv');
    var $components = array('Acl', 'Auth');

    function beforeFilter() {
        //00 Configure Authenticate Component
        //TODO : understand the difference of authorizing 'actions' with authorizing 'controllers'
        $this->Auth->authorize = 'actions';
        //02 Tell Auth what controller / action pair it needs to use to present the login form.
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        //02 Tell the Auth component where the user should be redirected when user is logged-out.
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
        //02 Tell the Auth component where the user should be redirected after a successful authentication.
        $this->Auth->loginRedirect = array('controller' => 'home');
        /*
        //00 http://book.cakephp.org/view/646/Creating-ACOs
        Create a 'root' or top level ACO called 'controllers'. The purpose of
        this root node is to make it easy to allow/deny access on a global
        application scope, and allow the use of the Acl for purposes not
        related to controllers/actions such as checking model record
        permissions.
        As we will be using a global root ACO we need to make a small
        modification to our AuthComponent configuration. AuthComponent needs
        to know about the existence of this root node, so that when making ACL
        checks it can use the correct node path when looking up
        controllers/actions. In AppController add the following to the
        beforeFilter: $this->Auth->actionPath = 'controllers/';
        //00
        */
        $this->Auth->actionPath = 'controllers/';
        //00 http://book.cakephp.org/view/647/An-Automated-tool-for-creating-ACOs
        //00 display is a public action in Pages::Controller
        //00 including login and logout breaks Auth, don't include anymore, Auth knows by default
        //TODO : // remove build_acl and initDB later
        // $this->Auth->allowedActions = array('display', 'index', 'view');
        $this->Auth->allowedActions = array('display', 'index', 'view', 'build_acl', 'initDB');
        //TODO : // $this->Auth->allow('display', 'index', 'view');
        //TODO : find out its difference from $this->Auth->allowedActions = array('display', 'index', 'view');
        //03 this will show you what was rejected by the Auth component.
        $this->Auth->authError = sprintf(__('Authorized access required for %s/%s .', true), $this->name, $this->action);
        //04 Pass auth component data over to view files
        //TODO : understand the difference of 'Auth' or 'auth'
        //?? does this mean I have both $Auth and $auth variables? (see beforeRender)
        $this->set('Auth', $this->Auth->user());
    }

    function beforeRender() {
        //TODO : understand the difference of 'Auth' or 'auth'
        //?? I forgot which tutorial this line came from
        //?? does this mean I have both $Auth and $auth variables? (see beforeFilter)
        $this->set('auth', $this->Auth->user());
    }
}
3. answers to your questions, and (sorry...) some more clarifications
> If you can edit your httpd.conf or virtual host configs, the best
> thing to do is to set DocumentRoot to:
>
> /var/www/web2/web/app/webroot
If I do as you suggested, should I change config.php and the defines
in the 3 index.phps?
> If you can do that, for performance benefits, you should also remove
> (or rename) all of the .htaccess files and add both "AllowOverride
> None" (to tell Apache to ignore .htaccess) and the contents of
> app/webroot/.htaccess to the <Directory> block in your Apache config.
> Putting it all together:
>
> DocumentRoot /var/www/web2/web/app/webroot
>
> <Directory "/var/www/web2/web/app/webroot">
> AllowOverride None
> DirectoryIndex index.php
> Order allow,deny
> Allow from all
>
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
> </IfModule>
> </Directory>
>
> (There's other stuff you'll need that has nothing to do with this
> subject, though.)
Yes, I will research and understand the above first.
> Is this a shared hosting
> environment?
Yes, they are using ISPConfig.
> I'm wondering if there's something else configured that's
> hidden from you.
I was also suspecting that. Maybe ISPConfig has a RewriteBase that is
wrong? I can ask the web host.
> You mentioned that you're only seeing this upon
> login. But, what about if you call redirect() in some other action?
> Try this in one of your controllers, eg. Posts:
>
> function beforeFilter()
> {
> $this->Auth->allow(array('foo', 'bar'));
>
> }
>
> function foo()
> {
> $this->redirect(array('controller' => 'posts', 'action' => 'bar'));
>
> }
>
> function bar()
> {
> die('ok');
>
> }
>
> request: /posts/foo
>
> If you see the same problem, you'll know that it's not Auth.
Will try above later.
4. Maraming salamat (thank you in Filipino (from the Philippines) )
for sharing your experience and time.
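
Added example (not part of the original post and not CakePHP's own code): a stand-alone model of the open TODO in app_controller.php, comparing assignment to allowedActions with a call to allow() after parent::beforeFilter(), and showing which variant leaves the build_acl and initDB setup actions reachable without login. AuthStandIn and the function names are hypothetical, and allow() is assumed to add to the existing list rather than replace it.

```php
<?php
// Added illustration; AuthStandIn is a hypothetical stand-in, not CakePHP's AuthComponent.
class AuthStandIn {
    public $allowedActions = array();

    // Assumption: allow() adds to the current list instead of replacing it.
    public function allow() {
        $args = func_get_args();
        if (isset($args[0]) && is_array($args[0])) {
            $args = $args[0];
        }
        $this->allowedActions = array_values(
            array_unique(array_merge($this->allowedActions, $args))
        );
    }
}

// The list the post's AppController::beforeFilter() sets for every controller.
function appBeforeFilter(AuthStandIn $auth) {
    $auth->allowedActions = array('display', 'index', 'view', 'build_acl', 'initDB');
}

// Variant A: the child assigns the property after parent::beforeFilter(),
// as the post's UsersController does. The inherited list is discarded.
function childAssign(AuthStandIn $auth) {
    appBeforeFilter($auth);
    $auth->allowedActions = array('index', 'view');
    return $auth->allowedActions;
}

// Variant B: the child calls allow() instead. The inherited list survives.
function childAllow(AuthStandIn $auth) {
    appBeforeFilter($auth);
    $auth->allow('index', 'view');
    return $auth->allowedActions;
}

// Setup helpers (named in the post) that are still reachable without login.
function publicSetupActions(array $allowed) {
    $hits = array_values(array_intersect($allowed, array('build_acl', 'initDB')));
    return $hits ? implode(', ', $hits) : 'none';
}

foreach (array('assign' => childAssign(new AuthStandIn()),
               'allow()' => childAllow(new AuthStandIn())) as $how => $list) {
    printf("%-8s public: %-45s setup actions open to guests: %s\n",
        $how, implode(', ', $list), publicSetupActions($list));
}
```

Any controller that keeps the app-wide list unchanged exposes build_acl and initDB to guests wherever those actions exist, which is why the TODO to remove them matters once the ACL tables are populated.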