# |
Aug 6th 2008, 16:49 |
Mathachew |
ugh |
# |
Aug 6th 2008, 16:49 |
Mathachew |
I don't want to specify $this->Auth->allow() in each controller I create when my custom ACL will allow/deny access to the controller's action |
# |
Aug 6th 2008, 16:49 |
francky06l |
Mathachew: again, I do not know what your implementation is ..but seems quite easy to check if a user is authenticated or not, if not authenticate him as anonymous.. |
# |
Aug 6th 2008, 16:48 |
Mathachew |
everything else is working |
# |
Aug 6th 2008, 16:48 |
Mathachew |
I have everything I want in place except for anonymous users |
# |
Aug 6th 2008, 16:48 |
Mathachew |
No, it's not what I want |
# |
Aug 6th 2008, 16:48 |
TommyO |
which is what you want |
# |
Aug 6th 2008, 16:48 |
Mathachew |
I know |
# |
Aug 6th 2008, 16:48 |
TommyO |
if you allow(),, then they're NOT redirected |
# |
Aug 6th 2008, 16:48 |
TommyO |
Mathachew: allow() has nothing to do with ACL. it has to do with whether an unauthenticated user gets redirected |
# |
Aug 6th 2008, 16:47 |
Mathachew |
My default user is anonymous and permissions are created for the anonymous user, my problem is the Authentication being triggered when I don't need it to |
# |
Aug 6th 2008, 16:47 |
francky06l |
Mathachew: well then if you have your own I do not know .... I am quite familiar with cake's native one ..... |
# |
Aug 6th 2008, 16:47 |
francky06l |
Mathachew: I have solved this kind of problem by having a "default" user .... then you can have ACL on it ... everyone that has got a new session (or non Auth variable) get the same Auth variable ...contralable by ACL |
# |
Aug 6th 2008, 16:46 |
Mathachew |
TommyO: I couldn't create an interface to work well with Cake's ACL, so I have my own, which is working, but the authentication is causing the problem for anonymous users |
# |
Aug 6th 2008, 16:46 |
Mathachew |
francky06l: I don't see what you mean... I have the permissions in place to authorize the user, regardless if they're logged in, but the problem is that anonymous users are given the login screen |
# |
Aug 6th 2008, 16:46 |
TommyO |
Mathachew: it can be. how is it not dynamic? what needs to be dynamic? |
# |
Aug 6th 2008, 16:45 |
Mathachew |
TommyO: Having to specify $this->Auth->allow() doesn't work for me because that's not a dynamic solution |
# |
Aug 6th 2008, 16:44 |
TommyO |
will allow un-authenticated users to a specific action |
# |
Aug 6th 2008, 16:44 |
francky06l |
Mathachew: well either you do not care of the user hit, then you do not need ACL .... or you do then you can verify it |
# |
Aug 6th 2008, 16:44 |
TommyO |
Mathachew: ^^^^ |
# |
Aug 6th 2008, 16:43 |
Mathachew |
francky06l: and manually checking the user's permission returns true, but they are still automatically redirecte |
# |
Aug 6th 2008, 16:43 |
francky06l |
Mathachew: yes and ? |
# |
Aug 6th 2008, 16:43 |
Mathachew |
I have a permission system in place |
# |
Aug 6th 2008, 16:43 |
TommyO |
no need to trigger isAuthorized at all |
# |
Aug 6th 2008, 16:43 |
TommyO |
$this->Auth->allow('action'); |
# |
Aug 6th 2008, 16:43 |
Mathachew |
francky06l: I have a conditional, if the user is logged in, do this, if not, do that |
# |
Aug 6th 2008, 16:42 |
Mathachew |
controllers and actions |
# |
Aug 6th 2008, 16:42 |
TommyO |
Mathachew: specific nodes you mean ACL? or actions? |
# |
Aug 6th 2008, 16:41 |
castroalves |
Bye!!! |
# |
Aug 6th 2008, 16:41 |
castroalves |
BTW, thanks for all.. |
# |
Aug 6th 2008, 16:41 |
francky06l |
Mathachew: some who did not logged, is not in Auth->user(), so you can create for him a "generic" Auth value in session where the user id = 0; then use this to check in isAuthorized |
# |
Aug 6th 2008, 16:41 |
castroalves |
Tomorrow I come back to talk to you... |
# |
Aug 6th 2008, 16:41 |
castroalves |
I gotta go... |
# |
Aug 6th 2008, 16:40 |
renan_saddam |
;) |
# |
Aug 6th 2008, 16:40 |
castroalves |
renan_saddam: is just it |
# |
Aug 6th 2008, 16:40 |
castroalves |
ahahahhah |
# |
Aug 6th 2008, 16:40 |
castroalves |
renan_saddam: I love you, man! |
# |
Aug 6th 2008, 16:40 |
TommyO |
castroalves: your authentication will have to reside somewhere less 'dynamic' |
# |
Aug 6th 2008, 16:40 |
Mathachew |
francky06l: elaborate because I've tried using it manually on anonymous uses and it didn't work |
# |
Aug 6th 2008, 16:39 |
TommyO |
castroalves: determine an identify value of some sort. set the dbConfig value in the model based on it |
# |
Aug 6th 2008, 16:39 |
xhenxh1 |
OK, I'll give it shot. Thanks TommyO |