On Sun, Jan 9, 2011 at 10:24 AM, tubiz <[email protected]> wrote:
> Please i am already done creating a CakePhp Application but the
> problem i am having presently is how to restrict users access to the
> admin area. I am using the users table both for my site users and also
> for the administrator as well. I have already created a field called
> role in the Users table and i have given the administrator the role of
> admin.
> Please how do i allow access to the administrator area to only the
> users who have an admin role.
Put this in AppController::beforeFilter() method:
$this->Auth->authorize = 'controller';
And add this mehtod:
function isAuthorized()
{
if (isset($this->params['prefix']) && $this->params['prefix'] ==
'admin')
{
if ($this->Auth->user('role') != 'admin')
{
return false;
}
}
return true;
}
And, if you need finer control for certain controllers:
function isAuthorized()
{
if (parent::isAuthorized())
{
// do other checks, return true or false as necessary
}
return false;
}
But see the examples here:
http://book.cakephp.org/view/1275/authorize
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
