>
> Well, I needed something with role and access for a system I was working 
> on. 

 
What I did was to create a field called Access in the DB to control access 
to each Module of the system, and another field called Actions to control 
which "actions" they could perform.
So I have 2 Modules, one called Distributors, and one called Personals.

When I create a user that can access Distributors, I save that 
controller's name in the field Access as a string. But I don't want him to 
edit the info of the Distributors, just view and search. Well, I save a 
string like "view; search" in Actions. 

Then, in app/appController:

public $components = array(
    'Session',
    'Auth' => array(
        'loginRedirect' => array('controller' => '', 'action' => 'index'),
        'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
        // I want to check every controller the user Access.
        'authorize' => array('Controller')
    )
);
 
and, as I can read the info from the Auth method in the appController:

public function isAuthorized($user) {
    // admin can access all actions
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true;
    }
    if (in_array($this->action, array('index', 'view', 'search', 'add'))) {
        $controller = $this->params['controller'];
        $action = $this->action;
        // list of controllers in Access
        $allow_controllers = explode('; ', $user['Access']);
        // list of actions in Actions
        $allow_actions = explode('; ', $user['Actions']);

        // Now we check if this user has access to the Controller and the
        // Action he's trying to see.
        if (in_array($controller, $allow_controllers)
            && in_array($action, $allow_actions)) {
            return true; // he can
        }
    }
    return false; // he can't. Sorry.
}

And that's it. It's very simple but it works for me =). Now you can add as 
many controllers as you need in the future, and you won't have to rewrite 
the code. Just give access to the users you want in your Users Module. Hope 
it helps...
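
The same Access/Actions check as a framework-independent function, as an added example that is not part of the original post: it tolerates stray spaces around the `;` separator, treats empty or missing fields as granting nothing, and compares strictly. The helper names `parsePermissionList()` and `isAllowed()` and the sample users are assumptions made for illustration, and the post's fixed list of permitted action names is left out to keep the focus on parsing the two fields.

```php
<?php
// Added example, not from the original post. Helper names are hypothetical.

// Split a "view; search" style field into a list of clean, lowercase names.
function parsePermissionList($field): array
{
    if (!is_string($field)) {
        return array(); // NULL or missing column grants nothing
    }
    $tokens = array_map('trim', explode(';', strtolower($field)));
    // Drop empty tokens so "" or a trailing ";" can never match an empty name.
    return array_values(array_filter($tokens, 'strlen'));
}

// Deny by default: both the controller and the action must be listed.
function isAllowed(array $user, string $controller, string $action): bool
{
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true; // same admin shortcut as in the post
    }
    $controllers = parsePermissionList($user['Access'] ?? null);
    $actions = parsePermissionList($user['Actions'] ?? null);
    // Third argument true = strict comparison, no PHP type juggling.
    return in_array(strtolower($controller), $controllers, true)
        && in_array(strtolower($action), $actions, true);
}

// Constructed sample rows, shaped like the user array passed to isAuthorized().
$users = array(
    'viewer' => array('role' => 'user', 'Access' => 'distributors', 'Actions' => 'view;search '),
    'blank'  => array('role' => 'user', 'Access' => '', 'Actions' => null),
    'admin'  => array('role' => 'admin', 'Access' => '', 'Actions' => ''),
);
$requests = array(
    array('viewer', 'distributors', 'search'),
    array('viewer', 'distributors', 'edit'),
    array('viewer', 'personals', 'view'),
    array('blank', 'distributors', 'view'),
    array('admin', 'personals', 'edit'),
);
foreach ($requests as [$name, $controller, $action]) {
    $verdict = isAllowed($users[$name], $controller, $action) ? 'allow' : 'deny';
    printf("%-7s %s/%s => %s\n", $name, $controller, $action, $verdict);
}
```

Because Actions is a single list per user, every listed action applies to every controller named in Access; the scheme cannot express "view on Distributors but add on Personals".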
