#5809: add centralized aproach to allow controller/actions
--------------------------------+-------------------------------------------
Reporter: one-mb | Type: Enhancement
Status: new | Priority: Medium
Milestone: 2.0.0.x | Component: Auth
Version: | Severity: Normal
Keywords: auth controller | Php_version: n/a
Cake_version: 1.2.0.7296 RC2 |
--------------------------------+-------------------------------------------
we in our team stumbled across the following problem:
* /notes/add shall be allowed by all incl anonymous
* /user/add shall be allowed to some users only
[[BR]][[BR]]
'''currently''' this is possible:
1. i could either add "add" to allowedActions in app_controller
{{{
// app_controller
$this->Auth->allowedActions = array('display', 'login',
'request_account');
}}}
what obviously whould be dumb[[BR]][[BR]]
2. i could add some lines to *some* controllers
{{{
// NotesController::
function beforeFitler() {
parent::beforeFilter();
$this->Auth->allow('add');
}
}}}
which will be bad for reviewing.
Enterprise project managers dont like to use "grep" to find out what's
public.
[[BR]][[BR]]
'''Solutions: '''
1. together with TommyO I came to this contemporary solution: :-)
{{{
// app_controller
$allows = array(
'Users' => array('login', 'request_account'),
'Pages' => array('display'),
'Notes' => array('add'),
);
if (!empty($allows[$this->name])) {
$this->Auth->allow($allows[$this->name]);
}
}}}
[[BR]][[BR]]
2. what about a tweak to AuthComponent to also like this:
{{{
// app_controller
$this->Auth->allowedActions = array(
'Users' => array('login', 'request_account'),
'Pages' => array('display'),
'Notes' => array('add'),
);
}}}
--
Ticket URL: <https://trac.cakephp.org/ticket/5809>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
