It looks like you're using isAuthorized wrong, assuming your /students/ path is a prefix, you would do something like this.
if($this->params['prefix'] == 'students' && $user['role'] !== 'student') {
if($this->params['prefix'] == 'students' && $user['role'] !== 'student') {
return false; // Only students can access /students/<controller>/<action> etc
}
return true; // No checks failed, have at it.
If you're students url is a controller not a prefix just change the condition to match, do this for each role. If there is a redirect problem it's likely to be with your Auth setup not isAuthorised as isAuthorised should only really return true or false.
return true; // No checks failed, have at it.
If you're students url is a controller not a prefix just change the condition to match, do this for each role. If there is a redirect problem it's likely to be with your Auth setup not isAuthorised as isAuthorised should only really return true or false.
On 7 August 2014 13:58, ajt <jagguy999@gmail.com> wrote:
Hi,--
I can authenticate a user but I get problems when a user tries to access from the address bar a webpage it hasnt got access to.
What happens is that I get routed to the base index file with missingControler error.
SO my path is ..../crm/students on a webpage the user should not access and then i get directed to /crm/crm/
public function isAuthorized($user) {
if (isset($user['role']) && $user['role'] === 'manager') {
return true;
}
if (isset($user['role']) && $user['role'] === 'student') {
return true;
}
if (isset($user['role']) && $user['role'] === 'teacher') {
return false;
}
return parent::isAuthorized($user);
}
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
Kind Regards
Stephen Speakman
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment