I have:
class AppController extends Controller {
    var $components = array('Auth');

    function beforeFilter() {
        $this->Auth->allow(array('users' => 'register'));
        if ($this->Auth->user('User.role') == 0)
        {
            $this->Auth->deny('*');
            $this->Auth->allow(array('books' => 'index'));
        }
        else
        {
            $this->Auth->deny('*');
        }
    }
}
Now even if the user's role is 0, even if the user's role is different from 0,
I'm allowed everywhere on my site (no action denied).
Ideas?
On 6 Aug, 22:18, Dan Heberden <[email protected]> wrote:
> Just get the role and apply it?
>
> if( $this->Auth->user('User.role') > 1 ) { // is admin
>     $this->Auth->allow( array('secretController' => 'superSecureAction' ) );
> }
>
> On Aug 6, 1:12 pm, "Mariano C." <[email protected]> wrote:
>
> > I have a users table, with fields id, username, password and role.
> > role is a numeric value: 0 banned users, 1 registered users, 2 admins.
>
> > I've coded AppController like:
> > class AppController extends Controller {
> >     var $components = array('Auth');
> >
> >     function beforeFilter()
> >     {
> >         $this->Auth->allow(array('users' => 'register'));
> >     }
> > }
>
>
> > So every user can reach registration page.
> > Now I would like users with different roles to be allowed
> > different actions. How can I handle this just inside the AppController?
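
An added example, not part of the thread and not CakePHP's own API: a framework-independent, deny-by-default role check for the roles described in the quoted message (0 banned, 1 registered, 2 admins). The function name `isActionAllowed`, the `POLICY` map, which roles it grants each action, and the `books/delete` sample are assumptions; the strict comparison keeps a missing role (null) from being treated as role 0.

```php
<?php
// Added illustration in plain PHP; it does not use CakePHP's AuthComponent.
const ROLE_BANNED = 0;
const ROLE_REGISTERED = 1;
const ROLE_ADMIN = 2;

// Assumed policy: "controller/action" => roles allowed (null means public).
const POLICY = [
    'users/register' => null,
    'books/index'    => [ROLE_REGISTERED, ROLE_ADMIN],
    'secretController/superSecureAction' => [ROLE_ADMIN],
];

// Returns true only when the policy explicitly grants the action to the role.
function isActionAllowed($role, string $controller, string $action): bool
{
    $key = $controller . '/' . $action;
    if (!array_key_exists($key, POLICY)) {
        return false;                       // unlisted action: deny by default
    }
    if (POLICY[$key] === null) {
        return true;                        // public action, no login needed
    }
    // Database drivers often return numeric columns as strings ("1").
    if (is_string($role) && ctype_digit($role)) {
        $role = (int) $role;
    }
    if (!is_int($role)) {
        return false;                       // null or malformed role: deny
    }
    // Strict match: in PHP null == 0 is true, so a loose comparison would
    // treat "no role" (not logged in, wrong key) as role 0.
    return in_array($role, POLICY[$key], true);
}

// Constructed sample requests: [role, controller, action].
$samples = [
    [null, 'users', 'register'],
    [null, 'books', 'index'],
    [ROLE_BANNED, 'books', 'index'],
    ['1', 'books', 'index'],
    [ROLE_REGISTERED, 'secretController', 'superSecureAction'],
    [ROLE_ADMIN, 'secretController', 'superSecureAction'],
    [ROLE_ADMIN, 'books', 'delete'],
];
foreach ($samples as [$role, $controller, $action]) {
    $verdict = isActionAllowed($role, $controller, $action) ? 'allow' : 'deny';
    echo var_export($role, true), " $controller/$action: $verdict\n";
}
```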