Re: I want to prevent users to access other users data. Now I am trying using isAuthorized() function, but not working. Getting '$controller does not implement an isAuthorized() method" error.

See http://www.dereuromark.de/2011/10/05/common-cakephp-problems-and-solutions/ for some ideas

Basically you check the session Auth.User.id against the one of the record you want to access

If they dont match throw an Exception or redirect away with some error flash message.

Am Dienstag, 25. März 2014 10:51:10 UTC+1 schrieb Rahul Dhavale:

In app controller added '$this->Auth->authorize = 'Controller';' in before filter and added public function isAuthorized() {} function in users controller. I don't want to use ACL. 
e.g If logged in users edit profile url is http://localhost/abc/users/edit/1 then I want to prevent to acces users/edit/2 data. Please help me.

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.