# |
Aug 6th 2008, 16:58 |
francky06l |
Mathachew: it's simple really ... create an anonymous user, in beforeFilter check this user ..if not autheticated, affect him the anonymous user .. |
# |
Aug 6th 2008, 16:57 |
Mathachew |
That's what I have! |
# |
Aug 6th 2008, 16:57 |
TommyO |
Mathachew: yes! that's what I'm saying. deny all, allow specific actions |
# |
Aug 6th 2008, 16:57 |
Mathachew |
TommyO: Again, only authenticated users are getting through, anonymous users are redirected |
# |
Aug 6th 2008, 16:57 |
Mathachew |
but I guess I can't rely on Auth now |
# |
Aug 6th 2008, 16:57 |
francky06l |
Mathachew: I guess your problem is you want to control the "bla" in allow ? |
# |
Aug 6th 2008, 16:57 |
TommyO |
why are you checking permissions if everyone gets throguh for that action? |
# |
Aug 6th 2008, 16:57 |
Mathachew |
I only want to force login if permission is initially denied |
# |
Aug 6th 2008, 16:57 |
Mathachew |
That's not how I want to check my permissions |
# |
Aug 6th 2008, 16:56 |
Mathachew |
bah. |
# |
Aug 6th 2008, 16:56 |
TommyO |
$this->Auth->allow('action'); again |
# |
Aug 6th 2008, 16:56 |
francky06l |
TommyO: yes allso .... |
# |
Aug 6th 2008, 16:56 |
Mathachew |
TommyO: That's exactly what I'm aiming for |
# |
Aug 6th 2008, 16:56 |
TommyO |
that is the same as giving anonymous access + user access |
# |
Aug 6th 2008, 16:56 |
TommyO |
why not let all users, authenticated or not, to these actions? |
# |
Aug 6th 2008, 16:56 |
francky06l |
Mathachew: so why not affect the same user to the non authenticaed users? |
# |
Aug 6th 2008, 16:55 |
Mathachew |
but they're not checked |
# |
Aug 6th 2008, 16:55 |
Mathachew |
the permissions are setup so that if checked, they were been granted |
# |
Aug 6th 2008, 16:55 |
Mathachew |
let me rephrase that |
# |
Aug 6th 2008, 16:55 |
TommyO |
*sigh* |
# |
Aug 6th 2008, 16:55 |
Mathachew |
francky06l: no... my problem is granting permission to a controller/action on unauthenticated users, which it does, but since they're not logged in, they're redirected to the login screen |
# |
Aug 6th 2008, 16:54 |
francky06l |
Mathachew: then your problem is to identify this users ? |
# |
Aug 6th 2008, 16:54 |
TommyO |
like Controller/action |
# |
Aug 6th 2008, 16:53 |
Mathachew |
francky06l: I have an anonymous group. I already have it setup so that it applies this group's permissions to the user if they're not logged in. Authenticated users will have a specified group when they're added and such, permissions are inherited |
# |
Aug 6th 2008, 16:53 |
TommyO |
ACL is a specific means of access control. there are many, many other ways |
# |
Aug 6th 2008, 16:53 |
Mathachew |
How is access to an action not ACL? |
# |
Aug 6th 2008, 16:53 |
francky06l |
Mathachew: you can then create a User for them (I mean a fake one) ? |
# |
Aug 6th 2008, 16:52 |
TommyO |
Mathachew: no. can be determined by a model, ACL, a custom component, a controller, anything you want |
# |
Aug 6th 2008, 16:52 |
Mathachew |
yep |
# |
Aug 6th 2008, 16:52 |
francky06l |
Mathachew: is all the anonymous are to have the same rigthts? |
# |
Aug 6th 2008, 16:52 |
TommyO |
regardless of before or after in beforeFIlter - it happens in startup anyway, AFTER beforeFilter |
# |
Aug 6th 2008, 16:52 |
Mathachew |
how's that not tying itself to it? |
# |
Aug 6th 2008, 16:52 |
Mathachew |
I have to tell the Auth model to allow access to an action that ACL would determine |
# |
Aug 6th 2008, 16:52 |
francky06l |
Mathachew: you can check before Auth in beforeFilter .. |
# |
Aug 6th 2008, 16:51 |
Mathachew |
hear me out |
# |
Aug 6th 2008, 16:51 |
Mathachew |
no no no |
# |
Aug 6th 2008, 16:51 |
TommyO |
ACTION gives up talking to the wall |
# |
Aug 6th 2008, 16:51 |
Mathachew |
I know that |
# |
Aug 6th 2008, 16:51 |
TommyO |
allow() is not ACL |
# |
Aug 6th 2008, 16:51 |
Mathachew |
oh but it is |
# |
Aug 6th 2008, 16:51 |
TommyO |
Mathachew: absolutely not |