# |
Jan 13th 2020, 21:39 |
ndm |
That looks right... not sure, might want to debug `\Authorization\Policy\OrmResolver::getEntityPolicy()` and `\Authorization\Policy\OrmResolver::findPolicy()` to check what's trying to be looked up |
# |
Jan 13th 2020, 21:31 |
MrEm |
$user = $this->Users->get($id); |
# |
Jan 13th 2020, 21:31 |
MrEm |
I'm getting the $user for deletion by: |
# |
Jan 13th 2020, 21:30 |
MrEm |
namespace App\Policy; ? |
# |
Jan 13th 2020, 21:30 |
ndm |
Wrong namespace maybe... |
# |
Jan 13th 2020, 21:21 |
MrEm |
I've got the UserPolicy.php living in src/Policy/ |
# |
Jan 13th 2020, 21:19 |
MrEm |
I've created a UserPolicy#canDelete. In my UsersController#delete method I call $this->Authorization->authorize($user), but I'm getting a "Policy for App\Model\Entity\User" has not been defined |
# |
Jan 13th 2020, 20:46 |
MrEm |
Yep, that was it |
# |
Jan 13th 2020, 20:35 |
ndm |
Sounds like you've maybe added the request authorization middleware _before_ the routing middleware |
# |
Jan 13th 2020, 20:33 |
MrEm |
I probably have something wrong with the routing - but it seems to be routing to the right place at least. Here's the routing: https://pastebin.com/eyum1cnS |
# |
Jan 13th 2020, 20:32 |
MrEm |
Cool - I think I have it all set up. Now... I must have something else goofy. My route is /admin/users/add - but the controller, action, and plugin are all empty |
# |
Jan 13th 2020, 20:23 |
ndm |
yep |
# |
Jan 13th 2020, 20:21 |
MrEm |
? |
# |
Jan 13th 2020, 20:21 |
MrEm |
With the "Request Authorization Middleware" Do I still need the "Authorization Middleware" |
# |
Jan 13th 2020, 20:15 |
dereuromark |
If you want simple prefix routing (matching role), you can even just toggle on a default config of TinyAuth. |
# |
Jan 13th 2020, 20:13 |
ndm |
https://book.cakephp.org/authorization/2/en/request-authorization-middleware.html |
# |
Jan 13th 2020, 20:13 |
ndm |
Depends on where that admin area is located... if it's easily and uniquely identifiable via routing parameters, then you might want to check the request authorization middleware. You might get away with a single policy that for example checks the prefix. |
# |
Jan 13th 2020, 20:03 |
MrEm |
With authorization - If I just want to restrict the admin area to those with a given role, do I still need to create Policies and issue checks in each method? Or is there a simpler/blanket way to restrict? |
# |
Jan 13th 2020, 20:01 |
ricksaccous |
i got you |
# |
Jan 13th 2020, 19:57 |
daniel.upshaw |
Shot in the dark here -- I'm in the job market in the Washington, DC area, or remote, full-stack dev. Have come to love CakePHP, so I am mentioning here :) |
# |
Jan 13th 2020, 19:32 |
devito |
hmm, so if I set up a through relationship that should make it acessable from the parent model then as well yeah? |
# |
Jan 13th 2020, 19:31 |
dereuromark |
whatever works for u |
# |
Jan 13th 2020, 19:31 |
dereuromark |
you can set up special relationships and still use contain, or yeah, completely manual |
# |
Jan 13th 2020, 19:31 |
devito |
im pretty sure my relationships are set up correctly |
# |
Jan 13th 2020, 19:31 |
devito |
or should I drop the contain and move to just joins? |
# |
Jan 13th 2020, 19:31 |
devito |
is it ok to use join in conjunction with contain on the paginator? |
# |
Jan 13th 2020, 19:29 |
dereuromark |
are those belongsTo relations? you would need them in the same query to have easy default access. otherwise you need to join manually for this |
# |
Jan 13th 2020, 19:28 |
devito |
like page.auth.id is fine but if i try to do page.author.address.city the pagination query throws a unknow column error |
# |
Jan 13th 2020, 19:28 |
devito |
Im having a issue with the paginator. When i try to do a contain with nested associations I am un able to access the fields in the field list. but the data does show in my returns, Ultimatly I want to be able to sort on a nested field value any ideas? |
# |
Jan 13th 2020, 18:33 |
MrEm |
Huzzah! That worked! |
# |
Jan 13th 2020, 18:28 |
MrEm |
Ahhhhhh. Thank you |
# |
Jan 13th 2020, 18:28 |
ndm |
CakePHP 's default password hasher is using bcrypt hashing |
# |
Jan 13th 2020, 18:27 |
ndm |
32 is too short, it should be at least 60 |
# |
Jan 13th 2020, 18:25 |
MrEm |
OK, one at a time: column length = 32 on the password. It's getting hashed (at least I see a hashed value and not the password entered), the password is extremely simple so I know it's not a mismatch ("test"). And here's the User entity, with the _setPassword function: https://pastebin.com/brF2MEee |
# |
Jan 13th 2020, 18:22 |
ndm |
Could be all sorts of things, username mismatch, password mismatch, password not stored correctly (not hashed, column length to short, ...) |
# |
Jan 13th 2020, 18:21 |
MrEm |
(This one: https://book.cakephp.org/authentication/2/en/index.html#) |
# |
Jan 13th 2020, 18:20 |
MrEm |
I set everything up as it showed in the tutorial |
# |
Jan 13th 2020, 18:20 |
MrEm |
Now, the next question: I seem to be coming up against FAILURE_IDENTITY_NOT_FOUND when submitting it with just the user name |
# |
Jan 13th 2020, 18:20 |
ndm |
See https://book.cakephp.org/authentication/2/en/identifiers.html#identifiers, the `resolver` config |
# |
Jan 13th 2020, 18:20 |
MrEm |
ok, no worries. I can settle |
# |
Jan 13th 2020, 18:19 |
ndm |
You'd have to settle for a single input field, and the use a custom finder for the identifier where you can do an OR lookup... |