| # |
Aug 9th 2008, 18:15 |
jaredhoyt |
lol |
| # |
Aug 9th 2008, 18:15 |
markstory |
�ACTION loves acl� |
| # |
Aug 9th 2008, 18:14 |
jaredhoyt |
jezek: nah, to just protect admin routing stuff you can just use controller authorization |
| # |
Aug 9th 2008, 18:14 |
jaredhoyt |
TommyO: i like your above solution better than the one i've been telling people... didn't think about the admin param... i've been saying if(in_array($this->action, array('admin_edit', etc...)) andand ...) { } |
| # |
Aug 9th 2008, 18:13 |
jezek |
so not if i just have user and admin? |
| # |
Aug 9th 2008, 18:13 |
jaredhoyt |
i haven't had a need for acl yet... you'd need if you had multiple roles like author, contributor, admin, superuser etc |
| # |
Aug 9th 2008, 18:12 |
jaredhoyt |
but simple access control can be handle by the authcomponent as in the above example |
| # |
Aug 9th 2008, 18:12 |
jaredhoyt |
jezek: sort of... auth identifies a person, acl specifies their access |
| # |
Aug 9th 2008, 18:11 |
jezek |
don't those go hand in hand |
| # |
Aug 9th 2008, 18:11 |
TommyO |
�ACTION loves Auth� |
| # |
Aug 9th 2008, 18:11 |
jaredhoyt |
actually i haven't used acl in a while so i wouldn't know :) |
| # |
Aug 9th 2008, 18:10 |
jaredhoyt |
Acl on the other hand... |
| # |
Aug 9th 2008, 18:10 |
jezek |
ok |
| # |
Aug 9th 2008, 18:10 |
jaredhoyt |
jezek: AuthComponent is very simple :D |
| # |
Aug 9th 2008, 18:10 |
jaredhoyt |
and add Auth->authorize = 'controller' to your beforeFilter() |
| # |
Aug 9th 2008, 18:10 |
jezek |
i don't really knoe how to use it, but i guess i'll learn |
| # |
Aug 9th 2008, 18:10 |
jezek |
ok |
| # |
Aug 9th 2008, 18:09 |
jezek |
well not user yet |
| # |
Aug 9th 2008, 18:09 |
jaredhoyt |
jezek: if it's just admin and users, the above is the best solution ^^ |
| # |
Aug 9th 2008, 18:09 |
jezek |
admin and user |
| # |
Aug 9th 2008, 18:09 |
TommyO |
like: AppController::isAuthorized() { if ($this->params['admin'] andand !$this->Auth->user('admin')) { return false; }} |
| # |
Aug 9th 2008, 18:09 |
jaredhoyt |
multiple levels, or just admin and user |
| # |
Aug 9th 2008, 18:09 |
jezek |
no different levels |
| # |
Aug 9th 2008, 18:08 |
tomas- |
how do i go about performing ajax operations (loading content via ajax) when the page loads? I am implementing content (such as a photo album) that is ajax updateable, i thought i could just load it via ajax when the page originally loads |
| # |
Aug 9th 2008, 18:08 |
jaredhoyt |
jezek: is it simple access control... or are there different levels of users |
| # |
Aug 9th 2008, 18:08 |
jaredhoyt |
jezek: why not let AuthComponent take care of some of this |
| # |
Aug 9th 2008, 18:08 |
jezek |
admin routing |
| # |
Aug 9th 2008, 18:08 |
jezek |
and i need a login form, etc.. |
| # |
Aug 9th 2008, 18:08 |
jaredhoyt |
are you using admin routing or just protecting certain controllers or actions |
| # |
Aug 9th 2008, 18:08 |
jezek |
... |
| # |
Aug 9th 2008, 18:07 |
TommyO |
jezek: yes. like: if ($this->params['admin']) |
| # |
Aug 9th 2008, 18:07 |
jezek |
well i have quite a few functions |
| # |
Aug 9th 2008, 18:07 |
jaredhoyt |
jezek: is that all you're doing, there's probalby a simpler way than this =P |
| # |
Aug 9th 2008, 18:07 |
jezek |
i want to be able to protect my admin area |
| # |
Aug 9th 2008, 18:06 |
jaredhoyt |
in a component, but the method in the component that uses the model is called from AppController's beforeFilter |
| # |
Aug 9th 2008, 18:06 |
TommyO |
this is in a component or beforeFilter? |
| # |
Aug 9th 2008, 18:06 |
jaredhoyt |
it's warned against in the manual, but shows you how |
| # |
Aug 9th 2008, 18:06 |
jaredhoyt |
dunno, he's wanting to use a model in a component |
| # |
Aug 9th 2008, 18:06 |
TommyO |
sounds like a design flaw |
| # |
Aug 9th 2008, 18:06 |
jaredhoyt |
components don't normal hold models, so i didn't see the harm :) |
| # |
Aug 9th 2008, 18:05 |
TommyO |
why? what's the purpose? |