# |
Apr 30th 2021, 20:34 |
admad |
you can't use query string in routes |
# |
Apr 30th 2021, 20:32 |
rightscoreanalysis |
trying to escape it |
# |
Apr 30th 2021, 20:32 |
rightscoreanalysis |
the router doesn't like '?' |
# |
Apr 30th 2021, 20:13 |
rightscoreanalysis |
```Action OrdersController::store() could not be found``` |
# |
Apr 30th 2021, 20:12 |
rightscoreanalysis |
$builder->connect('/orders/store?store_id={storeId}', ['controller' => 'Orders', 'action' => 'index'], ['storeId' => '\d+', 'pass' => ['storeId']]); |
# |
Apr 30th 2021, 20:12 |
rightscoreanalysis |
this looks like a bug doesn't it? |
# |
Apr 30th 2021, 19:30 |
rightscoreanalysis |
both have connectivity to the same db |
# |
Apr 30th 2021, 19:30 |
rightscoreanalysis |
if so shuld I be using afterSave in the backend (cake2) or in the api's afterSave (cake4) |
# |
Apr 30th 2021, 19:29 |
rightscoreanalysis |
does this sound like the correct approach |
# |
Apr 30th 2021, 19:29 |
rightscoreanalysis |
I have implemented an API, when the Order is saved I have suggested that the Order only is save via the API, then any other related data should be handled with events |
# |
Apr 30th 2021, 19:28 |
rightscoreanalysis |
Looking for some advice regarding implementation. I am working on legacy Cake2 project, there is an Order save controller method, it is big and bulky. When an order is saved a lot of related data is added to the request - Customer Address and a host of other models, it's a real mess |
# |
Apr 30th 2021, 18:23 |
kevin.pfeifer |
god damn im stupid, behaviors are for tables, not entities |
# |
Apr 30th 2021, 18:15 |
kevin.pfeifer |
is it even possible to add virtual fields via a behavior? |
# |
Apr 30th 2021, 17:48 |
kevin.pfeifer |
add, edit and delete are separate actions of course but view is basically the first thing that should be checked |
# |
Apr 30th 2021, 17:47 |
kevin.pfeifer |
So what if the given user isn't even allowed to view the entity? Shouldn't it be excluded from the API anyways? |
# |
Apr 30th 2021, 17:13 |
kevin.pfeifer |
sure, try that |
# |
Apr 30th 2021, 17:10 |
sebastiansperandio093 |
maybe this TinyMCE https://github.com/CakeDC/TinyMCE |
# |
Apr 30th 2021, 17:09 |
sebastiansperandio093 |
@kevin.pfeifer Thanks for answer. I just need an usual WYSIWYG editor...nothing special. (I'm creating a posts CRUD) |
# |
Apr 30th 2021, 16:30 |
martin |
since you don’t have the user entity or autorization component inside a entity :( |
# |
Apr 30th 2021, 16:30 |
martin |
ok, I will also think about a way to do it :) |
# |
Apr 30th 2021, 16:29 |
kevin.pfeifer |
well i have to go now but i will definitely look into that later :) |
# |
Apr 30th 2021, 16:28 |
kevin.pfeifer |
authorization conserned |
# |
Apr 30th 2021, 16:28 |
martin |
yes |
# |
Apr 30th 2021, 16:28 |
kevin.pfeifer |
so you basically need a true/false for each action that could be done for each given entity in your API |
# |
Apr 30th 2021, 16:27 |
martin |
yes I was thinking I add it to the entity so it will be exposed in api. |
# |
Apr 30th 2021, 16:27 |
kevin.pfeifer |
i thought you need it in the view |
# |
Apr 30th 2021, 16:26 |
kevin.pfeifer |
ah ok, thats why you thought of the entity |
# |
Apr 30th 2021, 16:26 |
martin |
ah yes ok, but it is a json api so not using the views |
# |
Apr 30th 2021, 16:26 |
kevin.pfeifer |
or require `cakedc/auth` and only copy the helper and you should be good |
# |
Apr 30th 2021, 16:25 |
kevin.pfeifer |
sure its based on cakedc/auth but you could basically copy the helper and the trait, adjust it to use what you need and then you are independent of cakedc if you so desire |
# |
Apr 30th 2021, 16:21 |
martin |
@kevin.pfeifer but that uses the cakedc auth, not the authorization middleware? |
# |
Apr 30th 2021, 16:15 |
kevin.pfeifer |
@sebias |
# |
Apr 30th 2021, 16:15 |
kevin.pfeifer |
@martin look at the AuthLinkHelper from CakeDC https://github.com/CakeDC/users/blob/master/src/View/Helper/AuthLinkHelper.php |
# |
Apr 30th 2021, 16:13 |
sebastiansperandio093 |
Could someone to suggest the best option for wysiwyg editor in cakephp 4? |
# |
Apr 30th 2021, 16:13 |
martin |
was hoping i was able to just create a virtual field inside entity where I can return $user->can(‘edit’, $this); :P |
# |
Apr 30th 2021, 16:08 |
martin |
I’ve policies to check if the user is allowed to edit the entity. but since it is a api response, and user will see all entities the frontent needs to know which one can be edited |
# |
Apr 30th 2021, 16:08 |
kevin.pfeifer |
which therefore needs access to the table object |
# |
Apr 30th 2021, 16:07 |
kevin.pfeifer |
because `canEdit` authorizations are usually handled via Policies |
# |
Apr 30th 2021, 16:07 |
martin |
yes |
# |
Apr 30th 2021, 16:07 |
kevin.pfeifer |
you mean inside the entity of which should be checked against the current logged in user? |
# |
Apr 30th 2021, 15:56 |
martin |
Can I access the authorization inside a entity? I need to have in api response if user can edit a entity. |