On Apr 15, 11:09 am, John Andersen <[email protected]> wrote:
> I would disagree a little :) Sorry Jeremy
My $.02:
Assessors need to log in also so they should do so through
UsersController. Thus, both Assessor and what is currently User should
in actuality be derivative classes. Say, Assessee. Put all common
fields (password, email, name, etc.) in users table. Then add 'model'
& 'association_key' fields to users table.
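AppController:

    public function beforeFilter()
    {
        parent::beforeFilter();
        // delegate authorization to each controller's isAuthorized()
        $this->Auth->authorize = 'controller';
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'display', 'home');
        // ...
    }

    // default for controllers that do not override this method
    function isAuthorized()
    {
        return true;
    }
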
AssessorsController:

    function beforeFilter()
    {
        parent::beforeFilter();
        $this->Auth->allowedActions = array('index', 'foo', 'bar');
    }

    function isAuthorized()
    {
        return $this->Auth->user('admin') || $this->Auth->user('model') == 'Assessor';
    }

The allowedActions are those that Auth needn't block at all (i.e. open
to the public) while isAuthorized() checks access for any action not
in allowedActions.

UsersController:

    public function login()
    {
        if ($user = $this->Auth->user())
        {
            /* send Assessors to their own profile page */
            if ($this->Auth->user('model') == 'Assessor')
            {
                $this->redirect(
                    array(
                        'controller' => 'assessors',
                        'action' => 'view',
                        $this->Auth->user('association_key')
                    )
                );
            }
            /* rest go to site home page */
            $this->redirect($this->Auth->loginRedirect);
        }
    }

I posted some other code regarding this situation just a couple of
days ago:
http://groups.google.com/group/cake-php/browse_thread/thread/17c2781e2bcb73a1
Maybe a Bakery article is called for.
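
The access decisions described in the post above, as an added example that is not part of the original post and not CakePHP's own code: a plain-PHP model of the order allowedActions, then login, then isAuthorized(). The authGate() function, the 'reports' controller, and the sample users are assumptions constructed for illustration.

```php
<?php
// Simplified model (assumption, not CakePHP source) of the order the post
// describes: allowedActions first, then login, then isAuthorized().

// Rules copied from the post. Controllers without an entry fall back to
// 'app', whose isAuthorized() authorizes every logged-in user.
$rules = array(
    'app' => array(
        'allowed'      => array(),
        'isAuthorized' => function ($user) { return true; },
    ),
    'assessors' => array(
        'allowed'      => array('index', 'foo', 'bar'),
        'isAuthorized' => function ($user) {
            return !empty($user['admin']) || $user['model'] == 'Assessor';
        },
    ),
);

function authGate(array $rules, $controller, $action, $user)
{
    $rule = isset($rules[$controller]) ? $rules[$controller] : $rules['app'];
    if (in_array($action, $rule['allowed'], true)) {
        return 'public';            // Auth does not block this action at all
    }
    if ($user === null) {
        return 'login required';    // not in allowedActions and no session
    }
    return call_user_func($rule['isAuthorized'], $user) ? 'authorized' : 'denied';
}

// Constructed sample users and requests.
$assessor = array('model' => 'Assessor', 'admin' => false, 'association_key' => 7);
$assessee = array('model' => 'Assessee', 'admin' => false, 'association_key' => 3);
$admin    = array('model' => 'Assessee', 'admin' => true,  'association_key' => 1);

$requests = array(
    array('assessors', 'index',  null),
    array('assessors', 'view',   null),
    array('assessors', 'view',   $assessor),
    array('assessors', 'view',   $assessee),
    array('assessors', 'edit',   $admin),
    array('reports',   'delete', $assessee), // hypothetical controller, no override
);
foreach ($requests as $r) {
    list($controller, $action, $user) = $r;
    $who = $user === null ? 'anonymous' : ($user['admin'] ? 'admin' : $user['model']);
    printf("%-10s %-7s %-10s => %s\n", $controller, $action, $who, authGate($rules, $controller, $action, $user));
}
```

The last row shows the consequence of the AppController default: a controller that does not define its own isAuthorized() authorizes every logged-in user for every action.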