# |
Aug 6th 2008, 17:04 |
TommyO |
Mathachew: look more closely at Auth then. because it's not unless you tell it to. |
# |
Aug 6th 2008, 17:04 |
francky06l |
nymacro: hummm not familiat with SQllite ... |
# |
Aug 6th 2008, 17:04 |
Mathachew |
Auth is authorizing and authenticating. I don't want it to |
# |
Aug 6th 2008, 17:03 |
Mathachew |
my ACL portion is working I mean |
# |
Aug 6th 2008, 17:03 |
TommyO |
allow() and deny() only tell auth whether an Authenticated user should be handed off to your authorization level or redirected |
# |
Aug 6th 2008, 17:03 |
Mathachew |
The system is already working |
# |
Aug 6th 2008, 17:03 |
francky06l |
Mathachew: I think you are overthinking ACL |
# |
Aug 6th 2008, 17:03 |
Mathachew |
I'm authorizing the user based on the permissions that are set |
# |
Aug 6th 2008, 17:03 |
Mathachew |
TommyO: Oi. I am, it's what my custom ACL solution is |
# |
Aug 6th 2008, 17:02 |
TommyO |
Mathachew: ok. then hand off authorization somewhere else right? |
# |
Aug 6th 2008, 17:02 |
francky06l |
? |
# |
Aug 6th 2008, 17:02 |
francky06l |
authenticate is an home made component |
# |
Aug 6th 2008, 17:02 |
Mathachew |
my Authorization is handled separately |
# |
Aug 6th 2008, 17:02 |
nymacro |
francky06l: aye, I'm having problems setting it up though.. Not sure what is wrong. Keeps on complaining about rght. Maybe because i'm using SQLite3 DBO |
# |
Aug 6th 2008, 17:01 |
Mathachew |
I don't want Auth to authorize, only authenticate |
# |
Aug 6th 2008, 17:01 |
francky06l |
nymacro: I love ACL |
# |
Aug 6th 2008, 17:01 |
TommyO |
all allow('action'); does is set the rules for Auth |
# |
Aug 6th 2008, 17:01 |
Mathachew |
TommyO: I have rules in place, it's all dynamically built |
# |
Aug 6th 2008, 17:01 |
nymacro |
lol, I'm having trouble with ACL at the moment too ;) |
# |
Aug 6th 2008, 17:01 |
TommyO |
I said set the rules |
# |
Aug 6th 2008, 17:01 |
francky06l |
Mathachew: can youpast some code in bin ? |
# |
Aug 6th 2008, 17:01 |
Mathachew |
it's my own |
# |
Aug 6th 2008, 17:01 |
Mathachew |
I want ACL |
# |
Aug 6th 2008, 17:01 |
TommyO |
nope |
# |
Aug 6th 2008, 17:01 |
TommyO |
I said you don't need ACL |
# |
Aug 6th 2008, 17:00 |
Mathachew |
do my checking before Auth comes in |
# |
Aug 6th 2008, 17:00 |
TommyO |
nope |
# |
Aug 6th 2008, 17:00 |
Mathachew |
well that's what you're telling me to do |
# |
Aug 6th 2008, 17:00 |
Mathachew |
right? |
# |
Aug 6th 2008, 17:00 |
TommyO |
no |
# |
Aug 6th 2008, 17:00 |
Mathachew |
ACL before Authentication |
# |
Aug 6th 2008, 17:00 |
TommyO |
AuthComponent helps with both if you let it |
# |
Aug 6th 2008, 17:00 |
TommyO |
Auth(orization) is different than Auth(entication) |
# |
Aug 6th 2008, 17:00 |
francky06l |
Mathachew: no, it's more simple |
# |
Aug 6th 2008, 16:59 |
TommyO |
Auth does its check AFTER beforeFilter and before the action is called |
# |
Aug 6th 2008, 16:59 |
Mathachew |
ACL before Auth, right? |
# |
Aug 6th 2008, 16:59 |
Mathachew |
so I use Auth after I've established permissions |
# |
Aug 6th 2008, 16:59 |
francky06l |
Mathachew: some code of you beforeFilter? |
# |
Aug 6th 2008, 16:59 |
francky06l |
Mathachew: you have to check before Auth does |
# |
Aug 6th 2008, 16:58 |
TommyO |
Mathachew: and why is Auth redirecting? |
# |
Aug 6th 2008, 16:58 |
Mathachew |
I feel like I'm repeating myself |