I probably shouldn't say this but... I gave up on Acl (for now!), for
the same conflicting confusion I received after reading the articles
listed here in the FAQs page.

Before I knew about Acl I wrote my own method to authenticate users.

I use a Users table and a Roles table.

Users can log in, register, reset passwords (via email tickets) and edit
their profiles. Admins can add new users and reset passwords. All via
the users controller.

I also assign user id's to every post and project so only owners may
edit. Anyone else attempting gets banned. This is true of those who
alter the hidden html form field as well.

A method saved in AppController can be called from any controller
action to authenticate users. If they are not authorized, the
checkUserSession method reroutes them to a login page, retaining their
last page to return them to. Optionally a landing page can be
specified.

function edit($id) {
    $this->checkUserSession(4); // 4 here signifies admin (levels 1, 2, 4)
    // do stuff authenticated users ca...
}

My login controller saves a session for any user who logs in, so we
can show and hide buttons and links in views on the fly. Or perhaps
to decide whether internal news gets shown alongside public news.

$user = $session->read('User');
// show link to any logged-in user (say to add a new post etc)
if (isset($user['Role'])) echo $html->link(...);
// show links to admin only (say to delete an existing post, etc);
// isset() avoids a notice when nobody is logged in
if (isset($user['Role']['rights']) && $user['Role']['rights'] == 4)
    echo $html->link('admins only',...);



So with all this work invested in what I find to be a sufficient
system, I am reluctant to switch over all my code to a system I can
hardly wrap my head around. One tutorial doesn't even discuss login
pages, or where to pull user name, id or group from.

If anyone just needs authentication, but can't get Acl, there are
other options.


On Jul 20, 2:53 am, "Juan Luis Baptiste" <[EMAIL PROTECTED]>
wrote:
> Hi,
>
> I think I have read all the acl tutorials out there and I
> still don't understand how this works in cakephp. All of those
> tutorials have a different approach on how to use the acl/auth
> components so you end up confused as they contradict sometimes or
> explain how to do the same thing in different ways, very frustrating.
> The new chapter on the book cleared a lot of things to me but it is still
> missing some things about which I still have lots of confusion and questions.
> So I'm going to ask here some of them to try to get a clearer view of
> the acl component and be able to use it. I hope the answers to my
> questions also help others as I see that I'm not the only one that
> doesn't understand how this works based on the large amount of
> questions about the acl component on this list and the comments on
> many of the tutorials.
>
> Ok first, I have it clear on how to create ARO's and ACOS, the cake
> book explains that very well, but on how to assign permissions, on how
> ARO's access ACO's, it only explains how to do it with CRUD actions,
> not with other actions different from CRUD's or admin actions when
> using admin routing. How should those actions be assigned to ARO's and
> ACO's permissions?
>
> Second, do the authorization checks have to be made explicitly using the
> Acl->check method or can they be done implicitly? Of all of what I have read
> I have the impression that it can be handled both ways but now I'm
> very confused. If not and the only way is to explicitly do the checks,
> where should they be done, on the beforeFilter method of each
> controller or on the same method of AppController?
>
> Third, the Auth component has a variable called authorize, which as
> far as I understand, it's used to set the type of authorization to be
> used or something like that. The possible values I'm aware of are
> "crud" which is used to do authorization with CRUD actions, and
> "controller" and "model", which require a method called isAuthorized
> in the controller and model respectively where the authorization takes
> place. Is there any other value for authorize that I'm not aware of and are
> my assumptions correct about the meaning of the possible values?
>
> Fourth, where should I specify controller actions that don't need
> authentication nor authorization? On each controller on the
> beforeFilter method or in AppController?
>
> I think this is all for now, many thanks in advance for the answers.
>
> Cheers,
> --
> Juan Luis Baptiste
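
Added example, not part of the original thread or the poster's code: a server-side form of the owner-only edit rule described in the reply above, where the owner is read from the stored record so a changed hidden form field has no effect. The function names, array shapes and the rule that level 4 may edit any record are assumptions.

```php
<?php
// Added example: names, array shapes and the admin override are assumptions.
const LEVEL_ADMIN = 4; // the post uses levels 1, 2, 4, with 4 meaning admin

// Returns 'login', 'deny' or 'allow' for an edit request.
// $sessionUser: what the login action saved in the session, or null.
// $record: the row loaded from the database by id, never from the form.
function authorizeEdit(?array $sessionUser, ?array $record): string
{
    if (!isset($sessionUser['id'], $sessionUser['Role']['rights'])) {
        return 'login';   // no usable session: send to the login page
    }
    if ($record === null) {
        return 'deny';    // unknown id: nothing to edit
    }
    if ((int) $sessionUser['Role']['rights'] === LEVEL_ADMIN) {
        return 'allow';   // assumption: admins may edit any record
    }
    // Owner check against the stored owner, compared as integers.
    return (int) $record['user_id'] === (int) $sessionUser['id'] ? 'allow' : 'deny';
}

// Build the data to save: whitelisted form fields only, owner and id
// always copied from the stored record.
function buildUpdate(array $record, array $post): array
{
    $update = array_intersect_key($post, array_flip(['title', 'body']));
    $update['id'] = $record['id'];
    $update['user_id'] = $record['user_id']; // hidden-field value is ignored
    return $update;
}

// Constructed sample data.
$stored = ['id' => 10, 'user_id' => 7, 'title' => 'Old', 'body' => 'Text'];
$owner  = ['id' => 7, 'Role' => ['rights' => 1]];
$other  = ['id' => 8, 'Role' => ['rights' => 1]];
$admin  = ['id' => 1, 'Role' => ['rights' => 4]];
// Constructed form post in which the hidden user_id was changed to 8.
$post   = ['id' => '10', 'user_id' => '8', 'title' => 'New', 'is_admin' => '1'];

foreach (['owner' => $owner, 'other' => $other, 'admin' => $admin, 'guest' => null] as $name => $user) {
    echo $name, ': ', authorizeEdit($user, $stored), PHP_EOL;
}
print_r(buildUpdate($stored, $post));
```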