Friday, September 26, 2014

Re: Multiple role Authorization not working (based on tutorial) Cake 2.5.4

Just in case you want to keep the controllers lean and all that authorize code out of it in a central file,
you might be interested in taking a look at http://www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/

I always like to code DRY and with clear responsibilities.
Mark


Am Donnerstag, 25. September 2014 18:06:55 UTC+2 schrieb MarkB:
Actually, it wasn't the beforeFilter... I had actually also not set up the access rights in my various controllers isAuthorized functions

public function isAuthorized($user) {
if (in_array($this->action, array('dashboard','edit','etcetera'))) {
return true;
}
return parent::isAuthorized($user);
}


I know... RTFM.

:)


On Thursday, 25 September 2014 09:49:02 UTC+1, Dario Savella wrote:
I think you will need to refer to the passed $user argument as shown in the docs:

public function isAuthorized($user) {
   
// Admin can access every action
   
if (isset($user['role']) && $user['role'] === 'admin') {
       
return true;
   
}
   
// Default deny
   
return false;
}



--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.

No comments: