Logs for #cakephp

Page 5 of 36,430, showing 100 records out of 3,642,926 total, starting on record 401, ending on 500

# At Username Text
# Aug 6th 2008, 16:40 TommyO castroalves: your authentication will have to reside somewhere less 'dynamic'
# Aug 6th 2008, 16:40 castroalves renan_saddam: I love you, man!
# Aug 6th 2008, 16:40 castroalves ahahahhah
# Aug 6th 2008, 16:40 castroalves renan_saddam: is just it
# Aug 6th 2008, 16:40 renan_saddam ;)
# Aug 6th 2008, 16:41 castroalves I gotta go...
# Aug 6th 2008, 16:41 castroalves Tomorrow I come back to talk to you...
# Aug 6th 2008, 16:41 francky06l Mathachew: some who did not logged, is not in Auth->user(), so you can create for him a "generic" Auth value in session where the user id = 0; then use this to check in isAuthorized
# Aug 6th 2008, 16:41 castroalves BTW, thanks for all..
# Aug 6th 2008, 16:41 castroalves Bye!!!
# Aug 6th 2008, 16:42 TommyO Mathachew: specific nodes you mean ACL? or actions?
# Aug 6th 2008, 16:42 Mathachew controllers and actions
# Aug 6th 2008, 16:43 Mathachew francky06l: I have a conditional, if the user is logged in, do this, if not, do that
# Aug 6th 2008, 16:43 TommyO $this->Auth->allow('action');
# Aug 6th 2008, 16:43 TommyO no need to trigger isAuthorized at all
# Aug 6th 2008, 16:43 Mathachew I have a permission system in place
# Aug 6th 2008, 16:43 francky06l Mathachew: yes and ?
# Aug 6th 2008, 16:43 Mathachew francky06l: and manually checking the user's permission returns true, but they are still automatically redirecte
# Aug 6th 2008, 16:44 TommyO Mathachew: ^^^^
# Aug 6th 2008, 16:44 francky06l Mathachew: well either you do not care of the user hit, then you do not need ACL .... or you do then you can verify it
# Aug 6th 2008, 16:44 TommyO will allow un-authenticated users to a specific action
# Aug 6th 2008, 16:45 Mathachew TommyO: Having to specify $this->Auth->allow() doesn't work for me because that's not a dynamic solution
# Aug 6th 2008, 16:46 TommyO Mathachew: it can be. how is it not dynamic? what needs to be dynamic?
# Aug 6th 2008, 16:46 Mathachew francky06l: I don't see what you mean... I have the permissions in place to authorize the user, regardless if they're logged in, but the problem is that anonymous users are given the login screen
# Aug 6th 2008, 16:46 Mathachew TommyO: I couldn't create an interface to work well with Cake's ACL, so I have my own, which is working, but the authentication is causing the problem for anonymous users
# Aug 6th 2008, 16:47 francky06l Mathachew: I have solved this kind of problem by having a "default" user .... then you can have ACL on it ... everyone that has got a new session (or non Auth variable) get the same Auth variable ...contralable by ACL
# Aug 6th 2008, 16:47 francky06l Mathachew: well then if you have your own I do not know .... I am quite familiar with cake's native one .....
# Aug 6th 2008, 16:47 Mathachew My default user is anonymous and permissions are created for the anonymous user, my problem is the Authentication being triggered when I don't need it to
# Aug 6th 2008, 16:48 TommyO Mathachew: allow() has nothing to do with ACL. it has to do with whether an unauthenticated user gets redirected
# Aug 6th 2008, 16:48 TommyO if you allow(),, then they're NOT redirected
# Aug 6th 2008, 16:48 Mathachew I know
# Aug 6th 2008, 16:48 TommyO which is what you want
# Aug 6th 2008, 16:48 Mathachew No, it's not what I want
# Aug 6th 2008, 16:48 Mathachew I have everything I want in place except for anonymous users
# Aug 6th 2008, 16:48 Mathachew everything else is working
# Aug 6th 2008, 16:49 francky06l Mathachew: again, I do not know what your implementation is ..but seems quite easy to check if a user is authenticated or not, if not authenticate him as anonymous..
# Aug 6th 2008, 16:49 Mathachew I don't want to specify $this->Auth->allow() in each controller I create when my custom ACL will allow/deny access to the controller's action
# Aug 6th 2008, 16:49 Mathachew ugh
# Aug 6th 2008, 16:49 Mathachew My problem is the Auth component automatically redirecting because the user isn't logged in
# Aug 6th 2008, 16:49 Mathachew they have permission to read the controller, but they're redirected anywayh
# Aug 6th 2008, 16:50 TommyO Mathachew: ughh is right. your problem is Auth component automatically redirecting because the user isn't logged in and not allow()'ed. allow for that action and your problem disappears
# Aug 6th 2008, 16:50 francky06l Mathachew: well you have to check something in app_controller before to set the Auth parameter, but .... easy ?
# Aug 6th 2008, 16:51 francky06l TommyO: you can check before you give the Auth instruction .... I guess
# Aug 6th 2008, 16:51 Mathachew so Auth is tying itself to the ACL, in a manner of speaking
# Aug 6th 2008, 16:51 TommyO Mathachew: absolutely not
# Aug 6th 2008, 16:51 Mathachew oh but it is
# Aug 6th 2008, 16:51 TommyO allow() is not ACL
# Aug 6th 2008, 16:51 Mathachew I know that
# Aug 6th 2008, 16:51 TommyO ACTION gives up talking to the wall
# Aug 6th 2008, 16:51 Mathachew no no no
# Aug 6th 2008, 16:51 Mathachew hear me out
# Aug 6th 2008, 16:52 francky06l Mathachew: you can check before Auth in beforeFilter ..
# Aug 6th 2008, 16:52 Mathachew I have to tell the Auth model to allow access to an action that ACL would determine
# Aug 6th 2008, 16:52 Mathachew how's that not tying itself to it?
# Aug 6th 2008, 16:52 TommyO regardless of before or after in beforeFIlter - it happens in startup anyway, AFTER beforeFilter
# Aug 6th 2008, 16:52 francky06l Mathachew: is all the anonymous are to have the same rigthts?
# Aug 6th 2008, 16:52 Mathachew yep
# Aug 6th 2008, 16:52 TommyO Mathachew: no. can be determined by a model, ACL, a custom component, a controller, anything you want
# Aug 6th 2008, 16:53 francky06l Mathachew: you can then create a User for them (I mean a fake one) ?
# Aug 6th 2008, 16:53 Mathachew How is access to an action not ACL?
# Aug 6th 2008, 16:53 TommyO ACL is a specific means of access control. there are many, many other ways
# Aug 6th 2008, 16:53 Mathachew francky06l: I have an anonymous group. I already have it setup so that it applies this group's permissions to the user if they're not logged in. Authenticated users will have a specified group when they're added and such, permissions are inherited
# Aug 6th 2008, 16:54 TommyO like Controller/action
# Aug 6th 2008, 16:54 francky06l Mathachew: then your problem is to identify this users ?
# Aug 6th 2008, 16:55 Mathachew francky06l: no... my problem is granting permission to a controller/action on unauthenticated users, which it does, but since they're not logged in, they're redirected to the login screen
# Aug 6th 2008, 16:55 TommyO *sigh*
# Aug 6th 2008, 16:55 Mathachew let me rephrase that
# Aug 6th 2008, 16:55 Mathachew the permissions are setup so that if checked, they were been granted
# Aug 6th 2008, 16:55 Mathachew but they're not checked
# Aug 6th 2008, 16:56 francky06l Mathachew: so why not affect the same user to the non authenticaed users?
# Aug 6th 2008, 16:56 TommyO why not let all users, authenticated or not, to these actions?
# Aug 6th 2008, 16:56 TommyO that is the same as giving anonymous access + user access
# Aug 6th 2008, 16:56 Mathachew TommyO: That's exactly what I'm aiming for
# Aug 6th 2008, 16:56 francky06l TommyO: yes allso ....
# Aug 6th 2008, 16:56 TommyO $this->Auth->allow('action'); again
# Aug 6th 2008, 16:56 Mathachew bah.
# Aug 6th 2008, 16:57 Mathachew That's not how I want to check my permissions
# Aug 6th 2008, 16:57 Mathachew I only want to force login if permission is initially denied
# Aug 6th 2008, 16:57 TommyO why are you checking permissions if everyone gets throguh for that action?
# Aug 6th 2008, 16:57 francky06l Mathachew: I guess your problem is you want to control the "bla" in allow ?
# Aug 6th 2008, 16:57 Mathachew but I guess I can't rely on Auth now
# Aug 6th 2008, 16:57 Mathachew TommyO: Again, only authenticated users are getting through, anonymous users are redirected
# Aug 6th 2008, 16:57 TommyO Mathachew: yes! that's what I'm saying. deny all, allow specific actions
# Aug 6th 2008, 16:57 Mathachew That's what I have!
# Aug 6th 2008, 16:58 francky06l Mathachew: it's simple really ... create an anonymous user, in beforeFilter check this user ..if not autheticated, affect him the anonymous user ..
# Aug 6th 2008, 16:58 Mathachew That's what I'm trying to do
# Aug 6th 2008, 16:58 Mathachew but Auth is redirecting.
# Aug 6th 2008, 16:58 francky06l Mathachew: and?
# Aug 6th 2008, 16:58 Mathachew I feel like I'm repeating myself
# Aug 6th 2008, 16:58 TommyO Mathachew: and why is Auth redirecting?
# Aug 6th 2008, 16:59 francky06l Mathachew: you have to check before Auth does
# Aug 6th 2008, 16:59 francky06l Mathachew: some code of you beforeFilter?
# Aug 6th 2008, 16:59 Mathachew so I use Auth after I've established permissions
# Aug 6th 2008, 16:59 Mathachew ACL before Auth, right?
# Aug 6th 2008, 16:59 TommyO Auth does its check AFTER beforeFilter and before the action is called
# Aug 6th 2008, 17:00 francky06l Mathachew: no, it's more simple
# Aug 6th 2008, 17:00 TommyO Auth(orization) is different than Auth(entication)
# Aug 6th 2008, 17:00 TommyO AuthComponent helps with both if you let it
# Aug 6th 2008, 17:00 Mathachew ACL before Authentication
# Aug 6th 2008, 17:00 TommyO no