| # |
Jul 9th 2018, 10:22 |
 josbeir |
i dont use Search.Prg |
| # |
Jul 9th 2018, 10:22 |
neon1024 |
As I end up with `/admin/users?role_id=1` |
| # |
Jul 9th 2018, 10:22 |
hmic |
josbeir: i dont see that. i think its a best practise (with prg) |
| # |
Jul 9th 2018, 10:22 |
neon1024 |
That’s what the Prg is for |
| # |
Jul 9th 2018, 10:21 |
josbeir |
its just.. POST for search is just a asking for UX issues |
| # |
Jul 9th 2018, 10:21 |
hmic |
nothing gets saved there and tampering with the to delete ids shouldnt be a problem |
| # |
Jul 9th 2018, 10:21 |
neon1024 |
It’s in my admin, so I’m not totally uncomfortable with this sidestep |
| # |
Jul 9th 2018, 10:21 |
hmic |
jsut turn securitz off for the index action, sure |
| # |
Jul 9th 2018, 10:21 |
neon1024 |
Hah, good point hmic! |
| # |
Jul 9th 2018, 10:21 |
neon1024 |
`$this->Security->setConfig('unlockedActions', ['index']);` |
| # |
Jul 9th 2018, 10:20 |
hmic |
use Grg instead of Prg :p |
| # |
Jul 9th 2018, 10:20 |
neon1024 |
If it’s more code than |
| # |
Jul 9th 2018, 10:20 |
josbeir |
just disable the security stuff on that form |
| # |
Jul 9th 2018, 10:20 |
josbeir |
yep i faced that too but thats fixable |
| # |
Jul 9th 2018, 10:19 |
neon1024 |
`?_method=POSTandemail=androle_id=2andjob_title=and_method=POSTand_Token%5Bfields%5D=a6fd62a38403f1066acb49a7d63299b8d6bef5ae%253Aand_Token%5Bunlocked%5D=and_Token%5Bdebug%5D=%255B%2522%255C%252Fadmin%255C%252Fusers%255C%252Fdelete%255C%252F1%2522%252C%255B%255D%252C%255B%255D%255D` |
| # |
Jul 9th 2018, 10:19 |
neon1024 |
I don’t like using GET, even with Search.Prg, as my url gets garbled |
| # |
Jul 9th 2018, 10:19 |
hmic |
sure |
| # |
Jul 9th 2018, 10:18 |
neon1024 |
So that I don’t need to configure the listener for every controller |
| # |
Jul 9th 2018, 10:18 |
neon1024 |
Can I pass true to contain all associations? |
| # |
Jul 9th 2018, 10:18 |
hmic |
then add the containedModels key with an array of models you want to contain in the action setup array, exactly the same like relatedModels works |
| # |
Jul 9th 2018, 10:17 |
hmic |
you add App.ContainedModels to your listernes kez of the crud setup in the controller, where all the other listeners go too... |
| # |
Jul 9th 2018, 10:17 |
neon1024 |
Thanks hmic! I will take a look at that shorlty |
| # |
Jul 9th 2018, 10:16 |
neon1024 |
Especially as the Search.Prg should deal with that |
| # |
Jul 9th 2018, 10:16 |
hmic |
https://gist.github.com/hmic/2fd01903d64c3c3d769aa85aa9ed0d08 |
| # |
Jul 9th 2018, 10:14 |
neon1024 |
Yes, good point |
| # |
Jul 9th 2018, 10:14 |
josbeir |
:P |
| # |
Jul 9th 2018, 10:14 |
josbeir |
@neon1024 dont POST your search form ! |
| # |
Jul 9th 2018, 10:09 |
hmic |
not sure why i didnt extend the existing listener, but there might have been a reason... |
| # |
Jul 9th 2018, 10:08 |
hmic |
i'll get you the gist in a minute |
| # |
Jul 9th 2018, 10:07 |
neon1024 |
https://book.cakephp.org/3.0/en/controllers/components/security.html#disabling-security-component-for-specific-actions |
| # |
Jul 9th 2018, 10:07 |
neon1024 |
Unlocking the index action solves the issue |
| # |
Jul 9th 2018, 10:07 |
neon1024 |
Turns out it’s because the SecurityComponent by default only allows POST on an Index action to a delete method |
| # |
Jul 9th 2018, 10:07 |
hmic |
nested forms, because of using delete on the index page, maybe? |
| # |
Jul 9th 2018, 10:06 |
hmic |
or your form is messed up |
| # |
Jul 9th 2018, 10:06 |
hmic |
because you have the app open in multiple tabs or used the browser forward/back buttons |
| # |
Jul 9th 2018, 09:53 |
neon1024 |
So I have no clue why the SecurityComponent is expecting delete |
| # |
Jul 9th 2018, 09:53 |
neon1024 |
I’m just submitting my search form |
| # |
Jul 9th 2018, 09:52 |
neon1024 |
`URL mismatch in POST data (expected '/admin/users/delete/1' but found '/admin/users')` |
| # |
Jul 9th 2018, 09:52 |
neon1024 |
Does anyone know what this means? |
| # |
Jul 9th 2018, 09:40 |
neon1024 |
RIMMER: Tomorrow. It’s on tomorrow’s daily goal list. Item 34, right after “Learn Portugese.” |
| # |
Jul 9th 2018, 09:39 |
neon1024 |
Or write a new listener and suggest that the old one be deprecated |