On Mar 30, 2:25 pm, "Piotr Barszczewski" <[EMAIL PROTECTED]>
wrote:
> hmm, my last post didn't show here :/ i hope it doesn't show twice,
> after i add this.
>
> The requestAction forwards the requests based on a populated list or
> resources. It's dynamic. I want to use authorization for controllers
> +actions in one place, so that the ones called normally (based on the
> http request's url ) are authorized the same way the requestAction'd
> ones. If I'd do checking before calling requestAction, and again in
> the beforeFilter in AppController I'd get useless duplication of the
> same functionality - and that is obviously a bad thing :)
Yes, that's obvious ;).
I would suggest doing it the other way around: check access BEFORE
calling requestAction - modify your beforeFilter access control check
to assume that if it's being called by requestAction the user has
access. It makes no sense to me to call requestAction, invoking all
the processing that entails, to output "".
HTH,
AD
>
> On 30 Mar, 13:49, "AD7six" <[EMAIL PROTECTED]> wrote:
>
> > On Mar 30, 1:28 pm, "Piotr Barszczewski" <[EMAIL PROTECTED]>
> > wrote:
>
> > > oops. forgot to mention: this post is related
> > > tohttp://groups.google.com/group/cake-php/browse_thread/thread/e8cc55b1...
>
> > Why call requestAction at all for something the user doesn't have
> > access to see?
>
> > AD
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
