I believe this is the case because Authentication works on the controllers that we develop, and not on the included app_controller. Since you placed the items in app_controller, then they do not have to be specifically allowed but are part of 'superior' class if you will. If not, then Authentication would be a mess and you would have to add all the functions built into the provided app_controller into your authentication scheme. Which would make the task overly cumbersome.
-Vinnie On Aug 3, 6:56 am, StevieL <[email protected]> wrote: > Hi, > > I had a couple of simple actions that I needed to use in each of the > controllers in my application. I decided to plonk them into > app_controller and it all works fine (just how it describes in the > book). > > Now, within my actions (in my controllers) i can simply access these > new global functions with $this->NewGlobalFunctionName(VariableName). > All was well until I got thinking, as my app is using Auth - how are > these global actions even working when i have put no rules in to allow > them. > > i have for example: - > > $group->id = 3; > > // deny all controllers > $this->Acl->deny($group, 'controllers') > > // allow certain actions > $this->Acl->allow($group, 'controllers/users/myprofile'); > .. etc ... > > Auth is definitely tested working fine for the rest of the app. Why > is it that these functions in /app/app_controller.php can be run > without Auth preventing it and without me needing to add a > > $this->Acl->allow rule for them? > > my AppController looks like this: - > > class AppController extends Controller { > var $components = array('Acl', 'Auth', 'Session'); > var $helpers = array('Html', 'Form', 'Session', 'Javascript', > 'Time'); > > function beforeFilter() { > //Configure AuthComponent > $this->Auth->actionPath = 'controllers/'; > $this->Auth->allowedActions = array('display'); > $this->Auth->authorize = 'actions'; > $this->Auth->loginAction = array('controller' => 'users', > 'action' => 'login'); > $this->Auth->logoutRedirect = array('controller' => 'users', > 'action' => 'login'); > $this->Auth->loginRedirect = array('controller' => 'users', > 'action' => 'myprofile'); > } > > function NewGlobalFunctionName($id) { > > // Include a model > $this->loadModel('ModelName'); > > .. function code here ... > return something; > > } > > } > > Thanks, > > Steve -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
