#5809: add centralized aproach to allow controller/actions
--------------------------------+-------------------------------------------
    Reporter:  one-mb           |          Type:  Enhancement
      Status:  new              |      Priority:  Medium     
   Milestone:  2.0.0.x          |     Component:  Auth       
     Version:                   |      Severity:  Normal     
    Keywords:  auth controller  |   Php_version:  n/a        
Cake_version:  1.2.0.7296 RC2   |  
--------------------------------+-------------------------------------------
 we in our team stumbled across the following problem:
   * /notes/add  shall be allowed by all incl anonymous
   * /user/add   shall be allowed to some users only

 [[BR]][[BR]]
 '''currently''' this is possible:
   1. i could either add "add" to allowedActions in app_controller
 {{{
 // app_controller
 $this->Auth->allowedActions = array('display', 'login',
 'request_account');
 }}}
 what obviously whould be dumb[[BR]][[BR]]


   2. i could add some lines to *some* controllers
 {{{
 // NotesController::
 function beforeFitler() {
   parent::beforeFilter();
   $this->Auth->allow('add');
 }
 }}}
 which will be bad for reviewing.
 Enterprise project managers dont like to use "grep" to find out what's
 public.

 [[BR]][[BR]]
 '''Solutions: '''
   1. together with TommyO I came to this contemporary solution: :-)
 {{{

 // app_controller
 $allows = array(
         'Users' => array('login', 'request_account'),
         'Pages' => array('display'),
         'Notes' => array('add'),
 );
 if (!empty($allows[$this->name])) {
         $this->Auth->allow($allows[$this->name]);
 }

 }}}

 [[BR]][[BR]]
   2. what about a tweak to AuthComponent to also like this:
 {{{
 // app_controller
 $this->Auth->allowedActions = array(
         'Users' => array('login', 'request_account'),
         'Pages' => array('display'),
         'Notes' => array('add'),
 );
 }}}

-- 
Ticket URL: <https://trac.cakephp.org/ticket/5809>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design 
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. 
Our primary goal is to provide a structured framework that enables PHP users at 
all levels to rapidly develop robust web applications, without any loss to 
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---

  • [CakePHP : The Rapid Dev... CakePHP : The Rapid Development Framework for PHP

Reply via email to