Thursday, March 29, 2012

Re: isAuthorized() is never called

Hi,

I wrote this code moths ago:
abstract class AppController extends Controller {
    //...

    public $components = array(
        'Session',
        'Auth' => array(
            'loginRedirect' => array('controller' => 'pages', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'abouts', 'action' => 'index'),
            'authorize' => array('Controller'),
            'authError' => "You are not authorized to view this page."
        )
    );

    function beforeFilter() {
        $this->Auth->allow('index');
        $this->set('userId', $this->Auth->user('id'));
        $this->set('userRole', $this->Auth->user('role'));
        $this->set('userName', $this->Auth->user('username'));
        $this->set('isLoggedIn', $this->Auth->loggedIn());
    }

    public function isAuthorized($user) {
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true; //Admin can access every action
        }
        return false; // The rest don't
    }
}

2012. március 28., szerda 15:09:03 UTC+2 időpontban Sony a következőt írta:
Hi,

When I run a action, the access is refused because the method
isAuthorized() is never called.

AppController :

<?php

class AppController extends Controller {

        public $helpers = array ('Html', 'Form', 'Session', 'Time');

        public $components = array('Session', 'Auth');

        public function beforeFilter()
        {
                $this->Auth->userModel = 'User';
                $this->Auth->fields = array('username' => 'username', 'password' =>
'password');
                $this->Auth->loginAction = array('controller' => 'users', 'action'
=> 'login');
                $this->Auth->loginRedirect = '/';
                $this->Auth->loginError = 'Nom d\'utilisateur ou mot de passe
incorrects.';
                $this->Auth->logoutRedirect = '/';
                $this->Auth->authError = 'Vous n\'avez pas accès à cette page.';
                $this->Auth->autoRedirect = true;
                $this->Auth->authorize = 'controller';

                debug('beforeFilter');
        }

        public function isAuthorized($user = null)
        {
                debug('isAuthorized');
                die();
                return true;
        }
}

My others controllers do not implement beforeFilter or isAuthorized.

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
 
 
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

No comments: