# |
Aug 22nd 2019, 12:21 |
scuadra |
Hello. In Cake 3 how can I add 2 (or more) custom validation rules for a given field? |
# |
Aug 22nd 2019, 12:13 |
rchavik |
what does the query parsing in 3.8? |
# |
Aug 22nd 2019, 11:54 |
alexdd55976 |
me neither... i used skipauthorization to get access :) |
# |
Aug 22nd 2019, 11:54 |
rchavik |
If i configure routes as follows, ```php Router::prefix('api', function($routes) { $routes->setExtensions('json'); $routes->resources('Nodes'); }); ``` will it strip url queries? |
# |
Aug 22nd 2019, 11:54 |
neon1024 |
@alexdd55976 I don’t even know how to get it working, let alone try and write docs for it ,:) |
# |
Aug 22nd 2019, 11:53 |
alexdd55976 |
@neon1024 while you are doing that you could improve the authorization middleware documention as well :) |
# |
Aug 22nd 2019, 11:53 |
neon1024 |
Perhaps it would make a great Cakefest talk! |
# |
Aug 22nd 2019, 11:53 |
neon1024 |
I looked in Application.php for Middleware, and CSRF is in routes.php! |
# |
Aug 22nd 2019, 11:53 |
neon1024 |
If you were a beginner you’d have no idea what was going on |
# |
Aug 22nd 2019, 11:52 |
neon1024 |
You just get an exception |
# |
Aug 22nd 2019, 11:52 |
neon1024 |
The point being that CSRF and Security feel a bit muddled, and they’re a hard stop for development |
# |
Aug 22nd 2019, 11:52 |
slackebot2 |
<alexdd55976> |
# |
Aug 22nd 2019, 11:52 |
neon1024 |
For a beginner, well… |
# |
Aug 22nd 2019, 11:52 |
neon1024 |
I’m hardly the worlds greatest idiot and I couldn’t work it out |
# |
Aug 22nd 2019, 11:51 |
neon1024 |
..and it shows there is an opportunity to improve the documentation |
# |
Aug 22nd 2019, 11:51 |
neon1024 |
Yep, that’s me |
# |
Aug 22nd 2019, 11:51 |
admad |
but if someone is dumb enough to add the middleware in application and for specific route too then there would be |
# |
Aug 22nd 2019, 11:50 |
alexdd55976 |
middlewhere... everyware |
# |
Aug 22nd 2019, 11:50 |
alexdd55976 |
middlewares.... everywhere... |
# |
Aug 22nd 2019, 11:50 |
admad |
there aren't |
# |
Aug 22nd 2019, 11:50 |
neon1024 |
:exploding_head: |
# |
Aug 22nd 2019, 11:50 |
neon1024 |
..and a component! |
# |
Aug 22nd 2019, 11:50 |
neon1024 |
There are *two* csrf middlwares?! :S |
# |
Aug 22nd 2019, 11:49 |
admad |
well if you have the csrfmiddleware in your application too obviously that wont wokr |
# |
Aug 22nd 2019, 11:49 |
neon1024 |
That should be a heading imho |
# |
Aug 22nd 2019, 11:49 |
neon1024 |
Yeah, there is a tiny grey comment line |
# |
Aug 22nd 2019, 11:48 |
neon1024 |
Maybe it should be in `Application.php`, I’m not sure |
# |
Aug 22nd 2019, 11:48 |
neon1024 |
@admad The only thing I can see, I added it to `routes.php` as the above example is talking about scoped middleware in routes |
# |
Aug 22nd 2019, 11:47 |
neon1024 |
@admad https://book.cakephp.org/3.0/en/controllers/middleware.html#cross-site-request-forgery-csrf-middleware :point_right: and scroll down to the code example for `whitelistCallback` |
# |
Aug 22nd 2019, 11:47 |
alexdd55976 |
did you check for a simple type? |
# |
Aug 22nd 2019, 11:47 |
neon1024 |
@alexdd55976 Perhaps I need to make associated id fields accessible :thinking_face: |
# |
Aug 22nd 2019, 11:47 |
admad |
link me |
# |
Aug 22nd 2019, 11:46 |
neon1024 |
@admad The example given in the book :slightly_smiling_face: I copied it and it didn’t work |
# |
Aug 22nd 2019, 11:46 |
admad |
@neon1024 "Lol, even the whitelist callback doesn’t work" what does not work? |
# |
Aug 22nd 2019, 11:46 |
neon1024 |
I am submitting id fields with my existing records, and the resulting entities are marked new and the id field is missing |
# |
Aug 22nd 2019, 11:46 |
alexdd55976 |
yes |
# |
Aug 22nd 2019, 11:46 |
neon1024 |
The result ends up with `public '[new]' => boolean true` in the entity |
# |
Aug 22nd 2019, 11:46 |
alexdd55976 |
oh, yes |
# |
Aug 22nd 2019, 11:45 |
neon1024 |
Well you know that when patchEntity runs, it determines if an entity is new or not by if the id field is present |
# |
Aug 22nd 2019, 11:45 |
alexdd55976 |
@neon1024 i am not getting the whole thing (maybe i read it worng) |
# |
Aug 22nd 2019, 11:43 |
neon1024 |
Anyone have any idea why, when I submit request data array it includes id field, but when the entities are created, they’re marked as new |