| # |
Jun 27th 2019, 15:32 |
 ricksaccous |
oh cool |
| # |
Jun 27th 2019, 15:32 |
neon1024 |
`unauthorizedRedirect`is what I was looking for! |
| # |
Jun 27th 2019, 15:32 |
ricksaccous |
@neon1024 using the component or the new plugin? |
| # |
Jun 27th 2019, 15:32 |
nudl3ss |
yeah i decided to try with tus-php ... the problem is i dont know exactly how to integrate it. Its giving me headers sent already error, im not sure am I doing the client and the server right... |
| # |
Jun 27th 2019, 15:31 |
neon1024 |
Where can I control the Auth failed redirect? I need to customise it based on role |
| # |
Jun 27th 2019, 15:24 |
ricksaccous |
at least for this project i don't think i will |
| # |
Jun 27th 2019, 15:24 |
ricksaccous |
might need this in the future but doubt it |
| # |
Jun 27th 2019, 15:23 |
ricksaccous |
interesting |
| # |
Jun 27th 2019, 15:23 |
ricksaccous |
ah cool i found it https://github.com/ankitpokhrel/tus-php |
| # |
Jun 27th 2019, 15:22 |
jeremyharris |
tus is the way to go, it’s a protocol for resumable uploads |
| # |
Jun 27th 2019, 15:17 |
ricksaccous |
also i found this http://www.resumablejs.com/ |
| # |
Jun 27th 2019, 15:17 |
ricksaccous |
@nudl3ss what is tus-php? |
| # |
Jun 27th 2019, 15:14 |
nudl3ss |
Hello there, I am building video uploading system and I have a little problem. I want to make resumable upload feature should internet connectivity drop or browser crash. I was looking tus-php but I couldn't integrate it right. Is anyone know something how can this resumable feature to make it work? Thank you! |
| # |
Jun 27th 2019, 14:40 |
neon1024 |
Wasn’t sure that it was out of beta yet |
| # |
Jun 27th 2019, 14:40 |
neon1024 |
I’ll take a look |
| # |
Jun 27th 2019, 14:40 |
jeremyharris |
now I use the authorization lib and haven’t turned back. the policy stuff alone is a huge win |
| # |
Jun 27th 2019, 14:39 |
jeremyharris |
yeah I’ve done prefix based roles before, works pretty well until things get complicated or require hierarchy |
| # |
Jun 27th 2019, 14:39 |
neon1024 |
It’s prefix based still as I thought that would make it a bit simpler |
| # |
Jun 27th 2019, 14:38 |
neon1024 |
Figured it can’t be that hard, but then I realised that I give a role access, but I need to restrict them elsewhere |
| # |
Jun 27th 2019, 14:38 |
neon1024 |
Yeah, I should have done that |
| # |
Jun 27th 2019, 14:38 |
jeremyharris |
@neon1024 might be worth looking into RBAC (role based access control) plugins for ideas, or the new authorization lib which has a really nice policy system which you might be able to gain insight from |
| # |
Jun 27th 2019, 14:29 |
neon1024 |
Ah, I can make my own Role Auth :) |
| # |
Jun 27th 2019, 14:26 |
mdotobie |
Evening @admad, per our discussion yesterday about when `Form::schema()` is called, I did not realize that `__debuginfo` is a magic method that gets called when `print_r` is used on an object. PsySH is using print_r to immediately output objects you’ve mutated or instantiated which in turn is calling the `__debuginfo` method on the Form object and within that the Schema dependency. |
| # |
Jun 27th 2019, 14:24 |
neon1024 |
Kinda like a `$this->Auth->allow()` but with a value to match |
| # |
Jun 27th 2019, 14:22 |
neon1024 |
Or it the controllers `isAuthorized()` perhaps, by overloading the AppController method |
| # |
Jun 27th 2019, 14:22 |
neon1024 |
Or give access to controllers and manage action permission in the controller beforeFilter? |
| # |
Jun 27th 2019, 14:21 |
neon1024 |
Is there a more elegant way to manage permissions by role, other than a big `isAuthorized()` method? |
| # |
Jun 27th 2019, 14:06 |
admad |
@challgren this deprecation notices in validator exist since 3.8.0-beta1 https://github.com/cakephp/cakephp/commit/d1a0cfe0fc0677d78f69cfec589acca296384720 |
| # |
Jun 27th 2019, 13:42 |
neon1024 |
Oh, I guessed correctly! `[‘controller’ => ‘Examples’, ‘action’ => ‘view’, ‘prefix’ => ’foo/bar\ |
| # |
Jun 27th 2019, 13:41 |
neon1024 |
When using nested prefixes, what does the ‘prefix’ url array option look like? |
| # |
Jun 27th 2019, 13:34 |
cake-aml |
I can think of other solutions such as checking the route for that controller or avoid using the middleware and load a component that could then be configured, but I feel like there's a more elegant solution somewhere |
| # |
Jun 27th 2019, 13:30 |
cake-aml |
thanks for the reply. Is there then any 'good' way of achieving what I want? |
| # |
Jun 27th 2019, 13:28 |
admad |
response instance should never be modified before calling $next(). While it will work for now it will break in 4.0 |
| # |
Jun 27th 2019, 13:16 |
slackebot |
calls $next() first then applies the headers) am I simply approaching this wrong and shouldn't unset the header in my Controller? or is there a clean way to unset the header? so far overriding the middleware to set the headers before $next() or using a "global" instance (SecurityHeadersMiddleware::instance() and change it there) have worked for me, but I'm not convinced I should be doing that |
| # |
Jun 27th 2019, 13:16 |
cake-aml |
hi I'm trying to set X-Frame-Options to 'sameorigin' in my application, but I want to manually disable it in a specific Controller. I tried using the setXFrameOptions method in SecurityHeadersMiddleware + manually unsetting the header in that controller's beforeFilter ($this->response = $this->response->withoutHeader('x-frame-options')) the problem is that the SecurityHeadersMiddleware always sets the Headers after the controller (__invoke |
| # |
Jun 27th 2019, 10:09 |
neon1024 |
@david last time I hit this issue it was because I had misconfigured my Nginx setup |
| # |
Jun 27th 2019, 09:55 |
vossen.steven |
array notation isnt needed if only one word though |
| # |
Jun 27th 2019, 09:54 |
vossen.steven |
__('Some word: {0}, ['word']) |
| # |
Jun 27th 2019, 09:54 |
egalles |
mmm ok, thanks |
| # |
Jun 27th 2019, 09:54 |
vossen.steven |
should be {0} instead of %s |
| # |
Jun 27th 2019, 09:53 |
egalles |
when I do that, the text in view shows me: Some word: %s |