Just in case you want to keep the controllers lean and all that authorize code out of it in a central file,
I always like to code DRY and with clear responsibilities.
Am Donnerstag, 25. September 2014 18:06:55 UTC+2 schrieb MarkB:
-- you might be interested in taking a look at http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/
I always like to code DRY and with clear responsibilities.
Mark
Am Donnerstag, 25. September 2014 18:06:55 UTC+2 schrieb MarkB:
Actually, it wasn't the beforeFilter... I had actually also not set up the access rights in my various controllers isAuthorized functions
public function isAuthorized($user) {if (in_array($this->action, array('dashboard','edit','etcetera'))) { return true;}return parent::isAuthorized($user);}
I know... RTFM.:)
On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:I think you will need to refer to the passed $user argument as shown in the docs:
public function isAuthorized($user) {
// Admin can access every action
if (isset($user['role']) && $user['role'] === 'admin') {
return true;
}
// Default deny
return false;
}
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment