cakephp在beforeFilter中正确管理权限
[英]cakephp manage correctly permission in beforeFilter
问题描述
I have a little problem isnisde my controller. 
我有一点问题isnisde我的控制器。 I want that a user can access only inside some pages an andmin user inside more pages. 我希望用户只能在更多页面内的某些页面内访问andmin用户。
I have a controller called UsersController this is its beforeFilter method 我有一个名为UsersController的控制器,这是它的beforeFilter方法
public function beforeFilter () {
parent::beforeFilter(); // chiamo anche il callback beforeFilter dal parent per ottenere un'autorizzazione per l'utente loggato da tutte le viste $this->Auth->allow('index','view'); per tutti i Model
$views = array ('login','register','activate');
if ($this->Session->read('is_logged')) {
$views = array_merge ($views, array ('login','logout', 'change_password'));
if ($user_type == 'admin') {
$views = array_merge ($views, array ('add','delete','edit','create','index'));
}
}
$this->Auth->allow($views);
}
in this function guest can enter inside login, register and activate. 在此功能中,访客可以进入内部登录,注册和激活。
user logged can access inside login. 用户登录可以在登录内访问。 logout and change_password, admin to the other pages more. logout和change_password,admin更多其他页面。
But this not works. 但这不起作用。 For example a user logged can access inside the index view or add view. 例如,记录的用户可以在索引视图内访问或添加视图。
Why this? 为什么这个?
This is my beforeFilter inside appController: 这是我在appFtroller里面的beforeFilter:
public function beforeFilter () {
$this->setReleaseData();
$this->checkUserStatus();
$this->updateTimezone();
$this->setRedirect();
if($this->Session->read('is_logged')){
$auth_user = $this->Auth->user();
$this->set('user_type', $auth_user['group']);
}
}
How can I manage correctly permission to enter in pages? 如何正确管理进入页面的权限?
Thanks 谢谢
2 个解决方案
解决方案1
1 2013-11-13 01:10:23
I'd look into Auth Controller a little more. 我会再看一下Auth Controller。 Try using Admin Routing (Turned on in App/Config/core.php) along with $this->Auth->allow() which can be set by default beforeFilter() in the AppController.php and then set with in each controller's beforeFilter as well. 尝试使用管理路由(在App / Config / core.php中打开)以及$ this-> Auth-> allow(),它可以在AppController.php中默认设置为beforeFilter(),然后在每个控制器的beforeFilter中设置同样。
/**
* @var mixed[mixed]
*/
public $components = array(
'Auth' => array(
'autoRedirect' => false,
'loginRedirect' => array(
'admin' => true,
'controller' => 'homes',
'action' => 'index',
),
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
'admin' => false,
'plugin' => false,
),
'authenticate' => array(
'Form',
),
),
'Session',
'Cookie',
);
/**
* Before Filter callback
*/
public function beforeFilter() {
// Allow public views
$this->Auth->allow('index', 'view', 'display');
}
解决方案2
1 已采纳 2013-11-13 01:58:57
I see you are not using an Authorization Handler, thus you will have to manually deny the access to actions 我发现您没有使用授权处理程序,因此您必须手动拒绝对操作的访问
$this->Auth->deny(array('index', 'add', 'edit', 'etc'));
EDIT 编辑
I would actually start by denying access to everything, in your beforeFilter (AppController) 我实际上会在你的beforeFilter(AppController)中拒绝访问所有内容
$this->Auth->deny();
and then in the beforeFilter() of you specific controller 然后在你特定控制器的beforeFilter()中
if ($user_type == 'admin') {
$this->Auth->allow('actionThatYouWantToGrantAccess');
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.