# |
May 18th 2021, 08:53 |
neon1024 |
Which seems like utter madness to me that I have to do the same configuration twice, but there you are. I’ve probably missed something |
# |
May 18th 2021, 08:52 |
slackebot |
<neon1024> |
# |
May 18th 2021, 08:52 |
neon1024 |
For the unlocked actions, I just tied it into the Authentication config |
# |
May 18th 2021, 08:52 |
erwane |
I'm using policy on Entity, and don't need this RequestAuthorization. Looking for the doc |
# |
May 18th 2021, 08:50 |
neon1024 |
Which looks remarkable like ACL wearing a trench coat |
# |
May 18th 2021, 08:50 |
neon1024 |
Just sidesteps all that Policy nonsense |
# |
May 18th 2021, 08:50 |
erwane |
never used RequestAuthorization :( |
# |
May 18th 2021, 08:49 |
erwane |
``` // Authentication $middlewareQueue->add(new AuthenticationMiddleware($this)); // Authorization $middlewareQueue->add(new AuthorizationMiddleware($this)); return $middlewareQueue;``` |
# |
May 18th 2021, 08:49 |
neon1024 |
I wonder if Authorization and RequestAuthorization are mutually exclusive |
# |
May 18th 2021, 08:49 |
neon1024 |
->add(new AuthenticationMiddleware($this)) ->add(new AuthorizationMiddleware($this)) ->add(new RequestAuthorizationMiddleware()); |
# |
May 18th 2021, 08:49 |
neon1024 |
I believe so |
# |
May 18th 2021, 08:47 |
erwane |
I prefer to add `skipAuthorization` in all methods, to be sure it's protected and prevent a security hole. |
# |
May 18th 2021, 08:45 |
erwane |
maybe you can add an Authentication test, if not authenticated, skip Authorization. |
# |
May 18th 2021, 08:44 |
erwane |
``` /** * Bands index * * @return \Cake\Http\Response|void * @throws \Exception */ public function index() { $this->Authorization->skipAuthorization();``` |
# |
May 18th 2021, 08:44 |
erwane |
But, Authentication and Authorization are not the same. On my public page, i have to add `$this->Authorization->skipAuthorization();` in methods with no check |
# |
May 18th 2021, 08:43 |
erwane |
You add the AuthorizationMiddleware AFTER Authentication ? |
# |
May 18th 2021, 08:37 |
neon1024 |
Is there a Cakefest talk on how these plugins work, as there are lots of new concepts here and they are not intuitive at all to my brain |
# |
May 18th 2021, 08:36 |
neon1024 |
I am very confused that that Authorization plugin is actioning my request first, and throwing a 403. Regardless of Authentication, and it fails to redirect back to my login |
# |
May 18th 2021, 08:09 |
rightscoreanalysis |
Currently I can save Order with related Users and Addresses, but Orders.address_id is not saved |
# |
May 18th 2021, 08:08 |
rightscoreanalysis |
if I have Order which BelongsTo User and Address, and User has many Addresses, can do a single save to Order which will save the address_id back through to Order? |
# |
May 18th 2021, 05:54 |
savant |
Wow cakephp is too powerful |
# |
May 17th 2021, 23:55 |
rightscoreanalysis |
but what does that mean? |
# |
May 17th 2021, 23:55 |
rightscoreanalysis |
an old cake2 project is not saveAssociated, when I debug the validation: ```array( 'Address' => array() )``` |
# |
May 17th 2021, 22:16 |
khalil |
@ndm nevermind! what you mentioned works perfectly, my issue was that I have multiple classes that extend AppController and a few classes underneath them, the inheritance wasn't done correctly, now everything is working fine! Thanks! |
# |
May 17th 2021, 22:01 |
khalil |
Whenever I try to access $currency in the template, i get undefined variable currency |
# |
May 17th 2021, 22:00 |
khalil |
And here's my AppController's beforeFilter: ```public function beforeFilter(EventInterface $event) { parent::beforeFilter($event); if(!$this->is('seller')) { $this->Flash->error('You are not allowed to access this location'); return $this->redirect('/'); } $currency = $this->Picked->currency(); $this->set('currency', $currency); $this->viewBuilder()->setLayout('my-shop'); }``` |
# |
May 17th 2021, 22:00 |
khalil |
Here's my AppController initialize method: ```public function initialize(): void { parent::initialize(); $this->loadComponent('Security'); $this->loadComponent('Picked'); }``` |
# |
May 17th 2021, 21:59 |
khalil |
I tried what you told me, and the variable is not accessible in the template files |
# |
May 17th 2021, 21:59 |
khalil |
Hey @ndm |
# |
May 17th 2021, 21:38 |
r.piel |
if it's Cake 3 you got an Entity with get(), try with setUser((array) $personeSesion) |
# |
May 17th 2021, 21:37 |
blackjccl |
@ndm What do you mean |
# |
May 17th 2021, 21:36 |
blackjccl |
@r.piel now my code is like this ```$personaSesion = $this->Persona->get($persona->id_persona); $this->Auth->setUser($personaSesion);``` and it follows the same error |
# |
May 17th 2021, 21:34 |
r.piel |
i hope ^^ |
# |
May 17th 2021, 21:34 |
r.piel |
it could be for transition |
# |
May 17th 2021, 21:33 |
ndm |
No no, very first things first is seeing the words "*plain text*" and "*password*" closer together than 12 kilometers and getting immediate PTSD :grimacing: |
# |
May 17th 2021, 21:32 |
r.piel |
first remove [] in get |
# |
May 17th 2021, 21:25 |
slackebot |
$this->redirect(['controller'=>'Evaluaciones','action'=>'instructions', $this->Auth->user('id_persona')]); }``` |
# |
May 17th 2021, 21:25 |
blackjccl |
```$persona = $this->Persona->findByTokenStringAndEstado($tokenLogin,1)->first(); if($persona andand (new DefaultPasswordHasher())->check($this->Password->getPlaintText($persona->plain_text),$persona->password)){ $personaSesion = $this->Persona->get([$persona->id_persona]); $this->Auth->setUser($personaSesion); return |
# |
May 17th 2021, 21:25 |
blackjccl |
Hello everyone can someone help me with this problem I get this error ```Argument 1 passed to Cake\Controller\Component\AuthComponent::setUser() must be of the type array, object given, called * @link http://book.cakephp.org/3.0/en/controllers/components/authentication.html#identifying-users-and-logging-them-in */ public function setUser(array $user)``` my code is the following |
# |
May 17th 2021, 21:16 |
khalil |
That was really helpful |
# |
May 17th 2021, 21:16 |
khalil |
Thanks @ndm I'll give it a try now, I'll let you know how it goes |