Re: Users can only edit or delete themselves

Sun, 15 Jan 2012 02:38:21 -0800 

I think I'm near the solution, but I need help for finishing the
code :

Here is my app controller :

    public function isAuthorized($user) {
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true; //Admin can access every action
        }
        return false; // The rest don't
    }


    function beforeFilter() {
        $this->Auth->allow('index', 'view');
        $this->Auth->allow('display');
    }


And my UsersController :

  public function isAuthorized($user) {
        if (parent::isAuthorized($user)) {
            return true;
        }

        if (in_array($this->action, array('edit', 'delete'))) {
            if ($user['User']['id'] == $this->Session-
>read('Auth.User.id')) {
            return true;
                }
        }

        return false;
    }


With this code, Admin can edit everyone, but when a logge duser tries
to edit himself, I get this notice :


Notice (8): Undefined index:  User [APP/Controller/
UsersController.php, line 60]
Code Context

        if (in_array($this->action, array('edit', 'delete'))) {
            if ($user['User']['id'] == $this->Session-
>read('Auth.User.id')) {
UsersController::isAuthorized() - APP/Controller/UsersController.php,
line 60
ControllerAuthorize::authorize() - CORE/Cake/Controller/Component/Auth/
ControllerAuthorize.php, line 64
AuthComponent::isAuthorized() - CORE/Cake/Controller/Component/
AuthComponent.php, line 379
AuthComponent::startup() - CORE/Cake/Controller/Component/
AuthComponent.php, line 330
ObjectCollection::trigger() - CORE/Cake/Utility/ObjectCollection.php,
line 103
Controller::startupProcess() - CORE/Cake/Controller/Controller.php,
line 606
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 104
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 89
[main] - APP/webroot/index.php, line 96


Any idea what I should add next ? Perhaps in my User Model ? Many
thanks !



On 14 jan, 19:44, Salines <[email protected]> wrote:
> I think you have answer in one of this videos
>
> http://www.youtube.com/results?search_query=cakephp+auth

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
[email protected] For more options, visit this group at 
http://groups.google.com/group/cake-php

Reply via email to