# |
Sep 30th 2016, 08:35 |
steinkel |
one workaround could be not using isAuthorized and adding a rule to SimpleRbac to check that condition in the allowed callback |
# |
Sep 30th 2016, 08:34 |
kingloui |
@steinkel so that means that in the cakedc/users context the check works, but borrowed to controller authorize it wonâ??t? |
# |
Sep 30th 2016, 08:33 |
admad |
Neon1024: the same can be said about older versions of most softwares :slightly_smiling_face: Except maybe windows :P |
# |
Sep 30th 2016, 08:33 |
steinkel |
yeah, the helper has some limitations as we didn't want to load the target controller and apply all the related logic that could affect Auth in init/beforeFilter/etc |
# |
Sep 30th 2016, 08:32 |
birdy247 |
It works for me atm though :slightly_smiling_face: |
# |
Sep 30th 2016, 08:32 |
birdy247 |
@dereuromark yes, it hasnt been changed for a while |
# |
Sep 30th 2016, 08:30 |
slackebot |
because the admin PagesController authorizes the request although the request is for /admin/users/index |
# |
Sep 30th 2016, 08:30 |
kingloui |
@steinkel yeah thats the code I borrowed, I want to test my code without cakedc users so i copied the function from the controller. The thing I donâ??t understand is: Iâ??m currently on http://myapp/admin/page/index> which the user is authorized for through the Admin PageController isAuthorized method. On this page I check the url <http://myapp/admin/users/index where the users is not authorized for. The check function from the CakeDC Compo |
# |
Sep 30th 2016, 08:29 |
Neon1024 |
Ruh roh |
# |
Sep 30th 2016, 08:28 |
Neon1024 |
I mean, like, I appreciate all the effort that went into it, but Cake 3 really blows it out of the water |
# |
Sep 30th 2016, 08:28 |
Neon1024 |
Cake 2 really sucks compared to Cake 3 |
# |
Sep 30th 2016, 08:28 |
Neon1024 |
Ouch thatâ??s old |
# |
Sep 30th 2016, 08:28 |
Neon1024 |
Oh 3.7.* |
# |
Sep 30th 2016, 08:27 |
Neon1024 |
Which 4.3 version of PHP Unit is it for Cake 2? |
# |
Sep 30th 2016, 08:25 |
steinkel |
@kingloui check https://github.com/CakeDC/users/blob/master/src/View/Helper/AuthLinkHelper.php it will provide you exactly that feature |
# |
Sep 30th 2016, 08:23 |
sandeeep |
Thanks Neon1024 |
# |
Sep 30th 2016, 08:22 |
kingloui |
isnâ??t the authComponents isAuthorized method the right place to check? |
# |
Sep 30th 2016, 08:22 |
kingloui |
actually the authorization should be interchangeable, I need the check for a menubuilder to check if a menuitem should be rendered or not. In the end for my projects i will use CakeDC users but it should work for any kind of authorization system |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
Think of it the same way as a User hasMany Addresses, Users hasMany TelephoneNumbers |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
So you users table can be clean, and your extra data is normalized into itâ??s own table |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
Admin users donâ??t have any details, but regular users do |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
Users hasOne UserDetails |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
Just donâ??t do it. |
# |
Sep 30th 2016, 08:21 |
Neon1024 |
You DO NOT need two tables of users |
# |
Sep 30th 2016, 08:20 |
Neon1024 |
No, |
# |
Sep 30th 2016, 08:20 |
sandeeep |
<Neon1024>With belongs to option where admin is not mapped with this table. Right? |
# |
Sep 30th 2016, 08:20 |
dereuromark |
instead of having a lot of isAuthorized() code in each controller, a very lightweight TinyAuth approach# |
# |
Sep 30th 2016, 08:19 |
dereuromark |
unless it is dynamic deciisions |
# |
Sep 30th 2016, 08:19 |
kingloui |
what* |
# |
Sep 30th 2016, 08:19 |
kingloui |
how to you mean with use the same plugin? |
# |
Sep 30th 2016, 08:19 |
dereuromark |
kingloui: for you I would recommend using the same plugin, takes all the overhead away from the controller code. |
# |
Sep 30th 2016, 08:18 |
Neon1024 |
sandeeep: No, youâ??d normalize that data out into a related table |
# |
Sep 30th 2016, 08:18 |
Neon1024 |
As your controller will extend it |
# |
Sep 30th 2016, 08:18 |
sandeeep |
In my system normal user have to fill lot of information which is not required in admin case, so do i have to use separate table to store these data |
# |
Sep 30th 2016, 08:18 |
Neon1024 |
Why are you not using the isAuthorized() method in the AppController, which would seem to me, the easiest way to achieve this |
# |
Sep 30th 2016, 08:16 |
kingloui |
I want to check if a url is authorized for the user |
# |
Sep 30th 2016, 08:16 |
kingloui |
can someone give me a hint why $this->_registry->getController()->Auth->isAuthorized(null, $request); gets authorized by the current controller and not by the one requested by passed argument $request? |
# |
Sep 30th 2016, 08:15 |
dereuromark |
If you use sth like https://github.com/dereuromark/cakephp-tinyauth it is a matter of 3 minutes :slightly_smiling_face: |
# |
Sep 30th 2016, 08:14 |
dereuromark |
sandeeep: yeah, always use a single entry point ( login) and a user table with role_id s |
# |
Sep 30th 2016, 08:14 |
sandeeep |
Ok than how i can limit normal user to access admin interface |
# |
Sep 30th 2016, 08:14 |
Neon1024 |
Creating two separate tables will make your development significantly harder, for no benefit |