| # |
Jun 12th 2019, 16:55 |
 cnizzardini |
After upgrading to 3.7, cakes orm results are treating a varbinary datatype as a resource |
| # |
Jun 12th 2019, 16:51 |
noel |
What is `config/schema/schema-dump-default.lock` for? |
| # |
Jun 12th 2019, 16:47 |
noel |
Oh never mind.. it's because somehow the bake documentation redirected me to cookbook for 1.x and then the search function is looking in the wrong book. |
| # |
Jun 12th 2019, 16:44 |
noel |
I can't find any documentation for Migrations? |
| # |
Jun 12th 2019, 15:00 |
jeremyharris |
it’s nice that the idea is reinforced though :) |
| # |
Jun 12th 2019, 14:59 |
neon1024 |
Always ahead of the game @jeremyharris :thumbsup: |
| # |
Jun 12th 2019, 14:59 |
jeremyharris |
sometimes you just gotta check auth elsewhere I guess ¯\_(ツ)_/¯ |
| # |
Jun 12th 2019, 14:59 |
jeremyharris |
^ that was my first suggestion. the authorization plugin does a great way of abstracting out scoping and such for this very purpose |
| # |
Jun 12th 2019, 14:59 |
neon1024 |
Or have the query building part as a function and take a permissions object I guess :thinking_face: |
| # |
Jun 12th 2019, 14:58 |
neon1024 |
You could also conditionally build custom finders in your controller based on the permissions |
| # |
Jun 12th 2019, 14:58 |
awi |
Thank you very much |
| # |
Jun 12th 2019, 14:58 |
awi |
Didnt know the footprint. thats a nice plugin |
| # |
Jun 12th 2019, 14:55 |
jeremyharris |
there are a few ways to do that then. like I said you can inject the identity (User) into the behavior, or add a listener that injects it (see muffin/footprint for an example of this) |
| # |
Jun 12th 2019, 14:55 |
awi |
reason is, that I run an Rest-API by Cake. And I dont have the luxury of relying on well formed POST-Requests as anyone can connect himself through the API |
| # |
Jun 12th 2019, 14:54 |
awi |
I think I want to have it here |
| # |
Jun 12th 2019, 14:54 |
awi |
> generally you don’t want to do authorization handling in that layer of the application |
| # |
Jun 12th 2019, 14:50 |
jeremyharris |
however, if you must, you can always inject the identity into the behavior from the controller |
| # |
Jun 12th 2019, 14:49 |
jeremyharris |
generally you don’t want to do authorization handling in that layer of the application, it makes testing harder and the domain layer shouldn’t be concerned with authorization necessarily. instead, make changes from the outside, e.g. the controller changes a finder (scopes the query) |
| # |
Jun 12th 2019, 14:48 |
awi |
Or: Are there reasons not to do it |
| # |
Jun 12th 2019, 14:48 |
awi |
I try to build a Behavior checking if someone is authorized to link something associated. All my Information about authorization is in a component. Can I call the Component from the behaviour? |
| # |
Jun 12th 2019, 14:45 |
awi |
hi. |
| # |
Jun 12th 2019, 14:16 |
ricksaccous |
crazy |
| # |
Jun 12th 2019, 14:16 |
ricksaccous |
so i could add the same identifier twice but with different resolvers configured |
| # |
Jun 12th 2019, 14:16 |
ricksaccous |
hahahaha |
| # |
Jun 12th 2019, 14:16 |
ricksaccous |
i should have talked to you earlier |
| # |
Jun 12th 2019, 14:16 |
ricksaccous |
welp |
| # |
Jun 12th 2019, 14:15 |
jeremyharris |
yup they do |
| # |
Jun 12th 2019, 14:15 |
ricksaccous |
lmao |
| # |
Jun 12th 2019, 14:15 |
ricksaccous |
because i wouldn't mind not writing this resolver |
| # |
Jun 12th 2019, 14:14 |
ricksaccous |
until one returns favorably? |
| # |
Jun 12th 2019, 14:14 |
ricksaccous |
oh is that a thing? does it just go through each? |
| # |
Jun 12th 2019, 14:14 |
jeremyharris |
or maybe you could add multiple identifiers using different resolvers |
| # |
Jun 12th 2019, 14:13 |
jeremyharris |
yeah |
| # |
Jun 12th 2019, 14:13 |
ricksaccous |
but across multiple tables i think i need my own resolver |
| # |
Jun 12th 2019, 14:13 |
jeremyharris |
ah |
| # |
Jun 12th 2019, 14:13 |
ricksaccous |
before i used this plugin |
| # |
Jun 12th 2019, 14:13 |
ricksaccous |
no i meant before when i wrote my own Auth |
| # |
Jun 12th 2019, 14:12 |
jeremyharris |
you can do that with the ‘finder’ option in the OrmResolver ;) |
| # |
Jun 12th 2019, 14:11 |
ricksaccous |
hehe |
| # |
Jun 12th 2019, 14:11 |
ricksaccous |
besides username/password |
| # |
Jun 12th 2019, 14:11 |
ricksaccous |
I have written my own auth though because i wanted to add a field to the check |