I use https://github.com/dereuromark/cakephp-tinyauth to exactly prevent this complicated if/switch statement logic from happening all over the controllers ;)
Am Sonntag, 27. März 2016 11:43:31 UTC+2 schrieb LSRX4EVER:
-- One simple to configure ini file, done.
Mark
Am Sonntag, 27. März 2016 11:43:31 UTC+2 schrieb LSRX4EVER:
Hello Everyone,I'm a beginner CakePHP 3 developer. I learned fairly quick for my skill level.I'm currently working on a management system for a school, where there will be a couple of roles that will only access specific controller functions. (Student, Instructor, Supervisor, Administrator)HOWEVER, each user has a user state that I must validate and set permission temporarily for usersExample:Active UserLoginEnter code here...Redirected to their role controller, with only access to those methods in that controllerInactive User (used for setup)LoginConfirm Account Informationonly aloud to access that setup() actiononce confirmed, it will set the user active and log them outDisabled UserIs disabled, unauthorized user. Already have that configuredMy login function looks like:
public function login(){$this->viewBuilder()->layout('login'); if($this->Auth->user()){return $this->redirect(['controller'=>'Users','action'=>'index']); //index redirect for now } else {if($this->request->is('post')){ $user = $this->Auth->identify();$login_error=null;if($user){$session = $this->request->session();switch($user['user_status']){case '1': //Active - Normal Loginunset($user['created'], $user['expiration'], $user['user_status'], $user['security_question_answer'], $user['security_question_id'], $user['modified']); $userid=$user['id'];//$user= array_merge($user, array('Roles' => $this->Users->Roles->find('list', ['order' => ['Roles.role_id' => 'ASC']])->matching('Users', function ($q) use ($userid) {return $q->where(['Users.id' => $userid]);})->toArray())); $user = array_merge($user, array('role'=>key($this->Users->Roles->find('list', ['order' => ['Roles.role_id' => 'ASC']])->select(['Roles.role_ id'])->matching('Users', function ($q) use ($userid) { return $q->where(['Users.id' => $userid]);})->limit(1)-> toArray()))); $user = array_merge($user, array('user_status' => 1));$this->Auth->setUser($user);return $this->redirect($this->Auth->redirectUrl('/users/index')); break;case '2': //Disabled$login_error=1;$this->set(compact('login_error')); break;case '3': //Inactive - Redirect to setup methodunset($user['created'], $user['expiration'], $user['user_status'], $user['security_question_answer'], $user['security_question_id'], $user['modified']); $userid=$user['id'];//$user= array_merge($user, array('roles' => $this->Users->Roles->find('list', ['order' => ['Roles.role_id' => 'ASC']])->matching('Users', function ($q) use ($userid) {return $q->where(['Users.id' => $userid]);})->toArray())); $user = array_merge($user, array('role'=>key($this->Users->Roles->find('list', ['order' => ['Roles.role_id' => 'ASC']])->select(['Roles.role_ id'])->matching('Users', function ($q) use ($userid) { return $q->where(['Users.id' => $userid]);})->limit(1)-> toArray()), 'status' => 3)); $this->Auth->setUser($user); //Auth Role to only allow inactive user privilage to login, recovery and setup?/*this isnt right*/ return $this->redirect($this->Auth->redirectUrl('/users/setup')); break;}}if($login_error!=1){$login_error=0;};$this->set(compact('login_error')); }}}
My AppController BeforeFilter looks like:
public function beforeFilter(Event $event){$this->Auth->allow(['/users/login', '/users/recovery']); /*switch(user_status){case 'Active'switch(role){case 'Student'allow student controller methodsbreak;case 'Supervisor'allow supervisor controller methodsbreak;case 'Instructor'allow instructor controller methodsbreak;case 'Administrator'allow administrator controller methodsbreak;}deny login and recovery methodsbreak;case 'Inactive'allow setup and logout methodsdeny login and recovery methodsbreak;default:allow login and recovery methodsbreak;}*/}I have looked at some things, I am running a basic authentication system and I heard of Access Control Lists (ACL), but its seemed quite intricate and I don't want to spend a week trying to figure something out that's far from my reach.Any suggestions how to accomplish this?
Sign up for our Newsletter for updates.
http://cakephp.org/newsletter/signup
We will soon be closing this Google Group. But don't worry, we have something better coming. Stay tuned for an updated from the CakePHP Team soon.
Like Us on FaceBook https://www.facebook.com/CakePHP
Follow us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment