On Thu, Sep 9, 2010 at 3:10 PM, calzone <[email protected]> wrote:
> I've been searching the web for an hour now trying to find out how to
> do this and no one seems to be talking about it.
>
> Namely, the problem is that when I set $this->Auth->allow('display')
> (or allowedActions or other flavors of the same thing) I get a
> situation where all my /pages content is available to non-
> authenticated users. I have a site where only the home page should be
> allowed.
>
> I've tried entering a complete route, array('controller' => 'pages',
> 'action' => 'display', 'home') to no avail.
>
> All I want is to lock down everything except the exact specific /pages
> content that I want to reveal. All other /pages content should be
> protected just like the rest of the controllers. There must be a way
> to do this isn't there?
Auth restricts based on actions, while what you're looking for is
restriction based on request parameters. Fortunately, in your specific
case, there's a simple solution:
public function beforeFilter()
{
$this->Auth->deny('*');
if (TEST)
{
$this->Auth->allowedActions = array('display');
}
}
Where TEST has a look at $this->params to see if the requested page is
the one you want to allow.
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
