isAuthorized cakephp redirect URL

When isAuthorized = false the user is redirected to '/'. Is there a way to change this? I want to redirect to the user dashboard (/users/dashboard) with a flash message "Deny access" or something like that.

Hooray!

    public function isAuthorized($user) {
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true; // Admin can access every action
        }
        return false; // The rest don't
    }

+4
6 answers

If your isAuthorized variable is evaluated in your controller, you can call the redirect function.

 $this->redirect(array('controller' => 'users', 'action' => 'dashboard')); 

If you are actually already inside the user controller, just call

 $this->redirect(array('action' => 'dashboard')); 

If not, where do you check the isAuthorized value?

This is not an ideal solution. However, there seems to be no way to do this using the built-in AuthComponent.

Edit: Added code as an example.

    public function isAuthorized($user) {
        if (parent::isAuthorized($user)) {
            return true;
        }

        // Authorised actions
        if (in_array($this->action, array('dashboard'))) {
            return true;
        }

        // Will break out on this call
        $this->redirect(array('controller' => 'users', 'action' => 'dashboard'));
        return false;
    }

+1

I think the best way is to use an exception and propagate as follows:

AppController.php

    public function isAuthorized($user) {
        throw new ForbiddenException(__('You are not authorized to access.'));
    }

AnotherController.php

    public function isAuthorized($user) {
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true;
        }
        return parent::isAuthorized($user);
    }

With this code, you can manage roles and errors.

+1

If they log out, you can send them wherever you want:

 $this->Auth->logoutRedirect 

I personally would use:

 $this->Auth->authError = "You are not authorized to access."; 

To redirect them to root with a flash message notifying of an error.

0

Incorrect AuthComponent behavior.

In a nutshell: if the URL is visited by a link, the structure can reconstruct the path and then redirect to the link page. Otherwise (by directly accessing the URL panel), it fails and is redirected to the main page.

A “bug” is documented and will be fixed in a future release.

See: http://cakephp.lighthouseapp.com/projects/42648/tickets/591-inconsistent-redirect-behaviour-by-auth-acl

0

I am a little better than @deep55.

The isAuthorized() method can throw an exception without problems, but I believe that inheriting the controllers will allow us to improve the authorization algorithm using the first AppController.isAuthorized(), and not the last.

So here is my solution, assuming that I am using a custom model called Utilisateur and a role model called Role.

AppController:

    /**
     * Parent method
     */
    public function isAuthorized($user) {
        App::uses('Utilisateur', 'Model');
        $User = new Utilisateur();
        $isAdmin = $User->hasRole(10, $user['id']);
        if ($isAdmin) {
            return true;
        }
    }

    /**
     * Reject unauthorized actions
     */
    public function rejectRequest() {
        $errorMessage = __("Sorry, you can't do this.");
        if ($this->isRest()) {
            throw new ForbiddenException($errorMessage);
        } else {
            $this->Auth->authError = $errorMessage;
            $this->Auth->flash['params']['class'] = 'alert-danger';
        }
        return false;
    }

Utilisateur Model:

    /**
     * hasRole method returns true if the user belongs to the correct role group
     */
    public function hasRole($role_id, $user_id) {
        if (!isset($user_id)) {
            if (!empty($this->id)) {
                $user_id = $this->id;
            } else {
                // Single quotes: $user_id is unset here and must not be interpolated
                throw new Exception('Error, parameter $user_id is missing', 1);
            }
        }
        $user = $this->find('first', array(
            'conditions' => array('Utilisateur.id' => $user_id),
            'fields' => array('id'),
            'contain' => array('Role.id')
        ));
        $roles = $user['Role'];
        foreach ($roles as $r) {
            if ($role_id == $r['id']) {
                return true;
            }
        }
        // No matching role found
        return false;
    }

And last, in a specific controller:

    /**
     * Child method
     */
    public function isAuthorized($user) {
        if (parent::isAuthorized($user)) {
            return true;
        }
        if ( false ) {
            return true;
        }
        if ( false ) {
            return true;
        }
        return $this->rejectRequest();
    }

0

For Cake version 2, as written in the documentation for AuthComponent:

AuthComponent::$unauthorizedRedirect

Manages unauthorized access processing. By default, an unauthorized user is redirected to the referrer URL or AuthComponent::$loginRedirect or '/'. If set to false, a ForbiddenException is thrown instead of a redirect.

You can configure AuthComponent to redirect to the user page in one place using the unauthorizedRedirect property. Just set it in the place where you configure Auth as a component:

    'Auth' => array(
        // ... other settings ...
        'unauthorizedRedirect' => '/users/dashboard'
    )

After the redirect, you can print the error message defined by the authError property

    echo $this->Session->flash();
    echo $this->Session->flash('auth');

but it will be the same message for any authentication or authorization.

0
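
The unauthorizedRedirect setting from the last answer, combined with the dashboard exception from the first, shown as an added example that is not part of any answer above. It assumes CakePHP 2.4 or later and the `role` field from the question; the 'Access denied.' message is a made-up value, and in a real application the two classes live in separate files.

```php
<?php
// Added example for CakePHP 2.4+; not code from any answer on this page.
App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array(
        'Session',
        'Auth' => array(
            // Makes AuthComponent call isAuthorized() on the active controller
            'authorize' => array('Controller'),
            // Where a logged-in but unauthorized user is sent
            'unauthorizedRedirect' => '/users/dashboard',
            // Assumed message; shown via $this->Session->flash('auth')
            'authError' => 'Access denied.',
        ),
    );

    public function beforeFilter() {
        parent::beforeFilter();
        // AJAX callers cannot use a redirect to an HTML page: with false,
        // AuthComponent throws ForbiddenException (HTTP 403) instead.
        if ($this->request->is('ajax')) {
            $this->Auth->unauthorizedRedirect = false;
        }
    }

    // Default deny: only admins pass unless a child controller allows more.
    public function isAuthorized($user) {
        return isset($user['role']) && $user['role'] === 'admin';
    }
}

class UsersController extends AppController {

    public function isAuthorized($user) {
        // The redirect target must be open to every logged-in user,
        // otherwise a denied request lands on a page that denies it again.
        if ($this->action === 'dashboard') {
            return true;
        }
        return parent::isAuthorized($user);
    }

    public function dashboard() {
        // Render the dashboard view
    }
}
```

The denial itself stays in AuthComponent, so an unauthorized action never runs; only the destination of the refusal changes.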

Source: https://habr.com/ru/post/1399093/
