#5930: AuthComponent::startup() redirects to login page when requesting a 
missing
page.
---------------------------------------------+------------------------------
    Reporter:  sebby                         |          Type:  Bug       
      Status:  new                           |      Priority:  High      
   Milestone:  1.2.x.x                       |     Component:  Components
     Version:                                |      Severity:  Major     
    Keywords:  AuthComponent missing action  |   Php_version:  n/a       
Cake_version:  1.2.0.7962                    |  
---------------------------------------------+------------------------------
 == What I did: ==

 Lets say I'm using something like this:
 [[BR]][[BR]]
 `/app/app_controller.php`:
 {{{
 class AppController extends Controller {

     public $components = array(
         'Auth'
     );

     public function beforeFilter() {
         // User Authentication
         $this->Auth->loginAction = array('controller' => 'users', 'action'
 => 'login');
         $this->Auth->allow('*');
     }

 }
 }}}
 [[BR]]
 `/app/controllers/posts_controller.php`:
 {{{
 class PostsController extends AppController {

     public $name = 'Posts';

 }
 }}}

 == What I expected to happen: ==

 When requesting `"http://localhost/posts/"`, I expect a "missing action"
 error because the `index()` method is not declared inside PostsController
 class and all actions are allowed from AuthComponent.

 == Why it didn't meet my expectations: ==

 The AuthComponent redirects me to login page. I know that when I use
 `$this->Auth->allowedActions = array('*')` instead of
 `$this->Auth->allow('*')` inside `AppController::beforeFilter()`
 everything works fine, but I prefer to use AuthComponent::allow() method.

 == Possible Fix ==

 Change the `$isAllowed` variable (found on
 
[https://trac.cakephp.org/browser/branches/1.2.x.x/cake/libs/controller/components/auth.php#L300
 /cake/libs/controller/components/auth.php] line
 
[https://trac.cakephp.org/browser/branches/1.2.x.x/cake/libs/controller/components/auth.php#L300
 300]) to something like this:
 {{{
         ...
         $isAllowed = (
             $this->allowedActions == array('*') ||
             in_array($controller->action, $this->allowedActions) ||
             !in_array($controller->action, $controller->methods)
         );
         ...
 }}}

 Thanks!

-- 
Ticket URL: <https://trac.cakephp.org/ticket/5930>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design 
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC. 
Our primary goal is to provide a structured framework that enables PHP users at 
all levels to rapidly develop robust web applications, without any loss to 
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to 
[email protected]
For more options, visit this group at 
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---

  • [CakePHP : The Rapid Dev... CakePHP : The Rapid Development Framework for PHP

Reply via email to