Log message #114237

# At Username Text
# Aug 9th 2008, 18:15 jaredhoyt ACTION loves wizard
# Aug 9th 2008, 18:15 jaredhoyt lol
# Aug 9th 2008, 18:15 markstory ACTION loves acl
# Aug 9th 2008, 18:14 jaredhoyt jezek: nah, to just protect admin routing stuff you can just use controller authorization
# Aug 9th 2008, 18:14 jaredhoyt TommyO: i like your above solution better than the one i've been telling people... didn't think about the admin param... i've been saying if(in_array($this->action, array('admin_edit', etc...)) andand ...) { }
# Aug 9th 2008, 18:13 jezek so not if i just have user and admin?
# Aug 9th 2008, 18:13 jaredhoyt i haven't had a need for acl yet... you'd need if you had multiple roles like author, contributor, admin, superuser etc
# Aug 9th 2008, 18:12 jaredhoyt but simple access control can be handle by the authcomponent as in the above example
# Aug 9th 2008, 18:12 jaredhoyt jezek: sort of... auth identifies a person, acl specifies their access
# Aug 9th 2008, 18:11 jezek don't those go hand in hand
# Aug 9th 2008, 18:11 TommyO ACTION loves Auth
# Aug 9th 2008, 18:11 jaredhoyt actually i haven't used acl in a while so i wouldn't know :)
# Aug 9th 2008, 18:10 jaredhoyt Acl on the other hand...
# Aug 9th 2008, 18:10 jezek ok
# Aug 9th 2008, 18:10 jaredhoyt jezek: AuthComponent is very simple :D
# Aug 9th 2008, 18:10 jaredhoyt and add Auth->authorize = 'controller' to your beforeFilter()
# Aug 9th 2008, 18:10 jezek i don't really knoe how to use it, but i guess i'll learn
# Aug 9th 2008, 18:10 jezek ok
# Aug 9th 2008, 18:09 jezek well not user yet
# Aug 9th 2008, 18:09 jaredhoyt jezek: if it's just admin and users, the above is the best solution ^^
# Aug 9th 2008, 18:09 jezek admin and user
# Aug 9th 2008, 18:09 TommyO like: AppController::isAuthorized() { if ($this->params['admin'] andand !$this->Auth->user('admin')) { return false; }}
# Aug 9th 2008, 18:09 jaredhoyt multiple levels, or just admin and user
# Aug 9th 2008, 18:09 jezek no different levels
# Aug 9th 2008, 18:08 tomas- how do i go about performing ajax operations (loading content via ajax) when the page loads? I am implementing content (such as a photo album) that is ajax updateable, i thought i could just load it via ajax when the page originally loads
# Aug 9th 2008, 18:08 jaredhoyt jezek: is it simple access control... or are there different levels of users
# Aug 9th 2008, 18:08 jaredhoyt jezek: why not let AuthComponent take care of some of this
# Aug 9th 2008, 18:08 jezek admin routing
# Aug 9th 2008, 18:08 jezek and i need a login form, etc..
# Aug 9th 2008, 18:08 jaredhoyt are you using admin routing or just protecting certain controllers or actions
# Aug 9th 2008, 18:08 jezek ...
# Aug 9th 2008, 18:07 TommyO jezek: yes. like: if ($this->params['admin'])
# Aug 9th 2008, 18:07 jezek well i have quite a few functions
# Aug 9th 2008, 18:07 jaredhoyt jezek: is that all you're doing, there's probalby a simpler way than this =P
# Aug 9th 2008, 18:07 jezek i want to be able to protect my admin area
# Aug 9th 2008, 18:06 jaredhoyt in a component, but the method in the component that uses the model is called from AppController's beforeFilter
# Aug 9th 2008, 18:06 TommyO this is in a component or beforeFilter?
# Aug 9th 2008, 18:06 jaredhoyt it's warned against in the manual, but shows you how
# Aug 9th 2008, 18:06 jaredhoyt dunno, he's wanting to use a model in a component
# Aug 9th 2008, 18:06 TommyO sounds like a design flaw
# Aug 9th 2008, 18:06 jaredhoyt components don't normal hold models, so i didn't see the harm :)