There was a topic in the discussion group where someone had mentioned
calling an allow, and then a deny immediately after does not work (and
vice versa). I wish I could find the source for you but I'm at a
loss. It contained more information and a description of the problem.
On May 9, 8:18 pm, Fabian <[EMAIL PROTECTED]> wrote:
> CREATE TABLE users (
> id integer auto_increment,
> username char(50),
> password char(50),
> PRIMARY KEY (id)
> );
>
> this is my users table. basically if there's a user he can do
> everything and if he doesn't have a user he'll have a limited view.
>
> class UsersController extends AppController {
>
> var $name = 'Users';
>
> function login() {
> }
>
> function logout() {
> $this->redirect($this->Auth->logout());
> }
>
> }
>
> what I ended up doing was just placing a beforefilter function on each
> controller and that seemed to work =)
>
> function beforeFilter(){
> $this->Auth->allow('index');
> }
>
> But thanks for all the help
>
> On May 9, 5:44 pm, Fabian <[EMAIL PROTECTED]> wrote:
>
> > ok I think I found out what the problem was. I was calling a component
> > on the controller I was testing so it was overwriting the auth
> > component call from the app_controller.
>
> > Thanks sam for your help !
>
> > On May 9, 5:30 pm, Fabian <[EMAIL PROTECTED]> wrote:
>
> > > Ok i've simplified this to :
>
> > > function beforeFilter(){
>
> > > $this->Auth->allow('*');
> > > $this->Auth->deny('delete','add','edit');
> > > }
>
> > > and the urls with controller/delete , controller/add, , controller/
> > > edit can be seen now =(
> > > It seems the only thing that works is ' * '
>
> > > On May 9, 5:14 pm, Fabian <[EMAIL PROTECTED]> wrote:
>
> > > > class AppController extends Controller {
>
> > > > var $components = array('Auth');
>
> > > > function beforeFilter()
> > > > {
> > > > $this->Auth->allow('*');
> > > > $this->Auth->deny('delete','add','edit');
>
> > > > // check if we're using the pages controller
> > > > if ($this->name == 'Admins'){
> > > > get args
> > > >
> > > > $this->Auth->deny('delete','add','edit','index');
> > > > }
> > > > }
>
> > > > basically all I've done is copy what was on the manual.
>
> > > > About admins routing I also want to deny access to a different
> > > > controller as well. So they can't see admins and properties indexes
> > > > for both
>
> > > > I thought there was a simple way to do this but I guess not =(
> > > > On May 9, 5:02 pm, "Sam Sherlock" <[EMAIL PROTECTED]> wrote:
>
> > > > > so that is the beoreFilter of the Admins controller
>
> > > > > and you have Auth set in your app_controller - post your auth set up
> > > > > too
>
> > > > > does putting parent::beforeFilter in the Admins controller help
>
> > > > > also you could use admin routing here which IMHO would simplify
> > > > > things a
> > > > > little
>
> > > > > hth - S
>
> > > > > 2008/5/9 Fabian <[EMAIL PROTECTED]>:
>
> > > > > > yes I've read it and thx for the if statement error but still the
> > > > > > index page is shown.
>
> > > > > > I've even tried doing it without the if statement
>
> > > > > > function beforeFilter()
> > > > > > {
>
> > > > > > $this->Auth->allow('*');
> > > > > > $this->Auth->deny('delete','add','edit','index');
>
> > > > > > }
>
> > > > > > and still all the indexes are showing up
>
> > > > > > On May 9, 4:44 pm, "Sam Sherlock" <[EMAIL PROTECTED]> wrote:
> > > > > > > in your if state your assigning the value the one below compares
> > > > > > > the
> > > > > > values
>
> > > > > > > if ($this->name == 'Admins'){}
>
> > > > > > > have you read the auth section of book.cakephp.org?
>
> > > > > > > 2008/5/9 Fabian <[EMAIL PROTECTED]>:
>
> > > > > > > > Hi all.
>
> > > > > > > > I'm having problem using the deny and allow methods for the
> > > > > > > > index
> > > > > > > > function.
>
> > > > > > > > In my app controller I have
>
> > > > > > > > function beforeFilter()
> > > > > > > > {
>
> > > > > > > > $this->Auth->allow('*');
> > > > > > > > $this->Auth->deny('delete','add','edit');
>
> > > > > > > > if ($this->name = 'Admins'){
> > > > > > > > $this->Auth->deny('delete','add','edit','index');
> > > > > > > > }
>
> > > > > > > > }
>
> > > > > > > > so if I try to use any url like admins/add if forces me to
> > > > > > > > login , but
> > > > > > > > it doesn't seem to work for the admins/index
>
> > > > > > > > What is the correct string I have to place in the deny array so
> > > > > > > > it
> > > > > > > > actually denies the index. I've tried using display, read and
> > > > > > > > view.
> > > > > > > > But none of them work.
>
> > > > > > > > Thanks in advance
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
