CakePHP Acl + Auth Success

Posted on 2010/07/04 by Randall.
Categories: Uncategorized.

I think that I finally cracked the problem, and have found my own best way of dealing with Cake’s authorization and access-control features. It’s about time! Still, it feels a bit yucky…I have had to resort to sub-classing the AuthComponent and adding in a few lines of code to create my own AuthComponent::isAuthorized(). The change I made just tries the user-based check first, and if that fails it tries the group-based check. This feels likes something that must be baked-in to the framework, but I’m just blind to the fact.

I really should come back at a later date and do a little better write-up of my findings. For now I will just say that I went with checking actions, not crud. I sub-classed the AuthComponent to override isAuthorized(). In my app_controller.php I implemented the constructClasses() function and added this line of code $this->Auth = $this->MyAuth; to replace the built-in version of Auth. My tree of aros is 3 deep with 2 levels of groups, a top-level to enclose the three lower-level groups…with individual users descending from these lower-level groups.

no comments yet.

Leave a comment

Names and email addresses are required (email addresses aren't displayed), url's are optional.

Comments may contain the following xhtml tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>