| # |
Aug 6th 2008, 17:12 |
TommyO |
Mathachew: ok. this is the logic. Auth will see if Authenticated. if it is it hands off to Authorization, if not it checks to see what the basic logic is for Authorization by checking the allow/deny rules |
| # |
Aug 6th 2008, 17:11 |
nymacro |
been using http://bakery.cakephp.org/articles/view/how-to-use-acl-in-1-2-x for reference to get it up and running |
| # |
Aug 6th 2008, 17:11 |
francky06l |
MrRio: ask TommyO ..he is :-) |
| # |
Aug 6th 2008, 17:10 |
nymacro |
francky06l: the table is there, and my ACL is pretty simple at the moment |
| # |
Aug 6th 2008, 17:10 |
Mathachew |
francky06l: how? One is for authorization, the other is for authentication |
| # |
Aug 6th 2008, 17:10 |
francky06l |
Mathachew: well you are using then Auth + ACL |
| # |
Aug 6th 2008, 17:10 |
MrRio |
Hey, I'd like to become a CakePHP certified engineer. Anyone I can talk to about this? |
| # |
Aug 6th 2008, 17:09 |
Mathachew |
francky06l: I'm not using ACL with Auth; they're separate and have no correlation (or at least that's what I'm trying to achieve). I'm using ACL to determine if the controller/action is granted or denied to the current user, regardless of who they are. I want to use Auth to log a user in and out, not determine if the user has access to the current page |
| # |
Aug 6th 2008, 17:08 |
francky06l |
seems that your tree table is not there, or not complient |
| # |
Aug 6th 2008, 17:08 |
francky06l |
nymacro: does not look like a DB error to me |
| # |
Aug 6th 2008, 17:07 |
Mathachew |
I'm not explaining it clearly enough then |
| # |
Aug 6th 2008, 17:07 |
nymacro |
francky06l: does this look familiar? Undefined index: rght [CORE/cake/libs/model/behaviors/tree.php, line 889] |
| # |
Aug 6th 2008, 17:07 |
francky06l |
Mathachew: ok but ACL can be used wihtout Auth ... but I am sure you can do what you want with Auth ..seems easy to me |
| # |
Aug 6th 2008, 17:06 |
Mathachew |
it's similar to Cake's ACL |
| # |
Aug 6th 2008, 17:06 |
Mathachew |
I'm using ACL |
| # |
Aug 6th 2008, 17:06 |
TommyO |
in the API |
| # |
Aug 6th 2008, 17:06 |
Mathachew |
wow... I um.. I am |
| # |
Aug 6th 2008, 17:06 |
francky06l |
Mathachew: so, why don't you just use ACL, and manage the rest ? |
| # |
Aug 6th 2008, 17:06 |
TommyO |
Mathachew: look at Auth::authorize |
| # |
Aug 6th 2008, 17:06 |
Mathachew |
TommyO: Well how do I stop it from authorizing? |
| # |
Aug 6th 2008, 17:06 |
nymacro |
but in the end, I think it pays off ;) |
| # |
Aug 6th 2008, 17:06 |
Mathachew |
francky06l: I don't want it to do authorization, that's what my ACL is for |
| # |
Aug 6th 2008, 17:06 |
francky06l |
nymacro: being weird has a price:-) |
| # |
Aug 6th 2008, 17:05 |
nymacro |
Because I'm weird |
| # |
Aug 6th 2008, 17:05 |
francky06l |
nymacro: why not go for mySql ? |
| # |
Aug 6th 2008, 17:05 |
nymacro |
francky06l: I like SQLite for local testing (rather than running a daemon). But SQLite 3 DBO isn't standard with Cake. (It only supports SQLite2 OOB) |
| # |
Aug 6th 2008, 17:04 |
francky06l |
Mathachew: well you can do your own authentication and let Auth doing the authorization |
| # |
Aug 6th 2008, 17:04 |
TommyO |
Mathachew: look more closely at Auth then. because it's not unless you tell it to. |
| # |
Aug 6th 2008, 17:04 |
francky06l |
nymacro: hummm not familiat with SQllite ... |
| # |
Aug 6th 2008, 17:04 |
Mathachew |
Auth is authorizing and authenticating. I don't want it to |
| # |
Aug 6th 2008, 17:03 |
Mathachew |
my ACL portion is working I mean |
| # |
Aug 6th 2008, 17:03 |
TommyO |
allow() and deny() only tell auth whether an Authenticated user should be handed off to your authorization level or redirected |
| # |
Aug 6th 2008, 17:03 |
Mathachew |
The system is already working |
| # |
Aug 6th 2008, 17:03 |
francky06l |
Mathachew: I think you are overthinking ACL |
| # |
Aug 6th 2008, 17:03 |
Mathachew |
I'm authorizing the user based on the permissions that are set |
| # |
Aug 6th 2008, 17:03 |
Mathachew |
TommyO: Oi. I am, it's what my custom ACL solution is |
| # |
Aug 6th 2008, 17:02 |
TommyO |
Mathachew: ok. then hand off authorization somewhere else right? |
| # |
Aug 6th 2008, 17:02 |
francky06l |
? |
| # |
Aug 6th 2008, 17:02 |
francky06l |
authenticate is an home made component |
| # |
Aug 6th 2008, 17:02 |
Mathachew |
my Authorization is handled separately |
| # |
Aug 6th 2008, 17:02 |
nymacro |
francky06l: aye, I'm having problems setting it up though.. Not sure what is wrong. Keeps on complaining about rght. Maybe because i'm using SQLite3 DBO |