  1. Restricting and redirecting other user from admin in cakePHP
<p>I'm getting an issue after logging in to the site. There are two kinds of users, i.e. 'admin' and 'employer'. When I've logged in as employer, I can access the restricted area of Admin. Below is the AppController of the site.</p>
<pre><code>class AppController extends Controller {
    public $helpers = array('Form', 'Html', 'Js', 'Time', 'Auth');

    // Change template extension to .php instead of .ctp
    var $ext = '.php';

    public $components = array(
        'Session',
        'Auth' =&gt; array(
            'loginAction' =&gt; array(
                'controller' =&gt; 'users',
                'action' =&gt; 'login'
            ),
            'loginRedirect' =&gt; array('controller' =&gt; 'users', 'action' =&gt; 'index'),
            'logoutRedirect' =&gt; array('controller' =&gt; 'users', 'action' =&gt; 'login'),
            'authenticate' =&gt; array('Form' =&gt; array('fields' =&gt; array('username' =&gt; 'email'))),
            'authorize' =&gt; array('Controller')
        )
    );

    public function isAuthorized($user) {
        // Admin can access every action
        if (isset($user['type']) &amp;&amp; $user['type'] === 'admin') {
            return true;
        }
        // Default deny
        return false;
    }

    public function beforeFilter() {
        $this-&gt;Auth-&gt;allow(array('view', 'index', 'assessment', 'question'));
    }
}
</code></pre>
<p>Now here is the controller which has methods for admin.</p>
<pre><code>class TopicsController extends AppController {
    public $scaffold = 'admin';

    public function beforeFilter() {
        if ($this-&gt;Auth-&gt;user('type') != 'employer') {
            parent::beforeFilter();
            $this-&gt;Auth-&gt;allow(array('view', 'index', 'moveup'));
        } else {
            $this-&gt;Auth-&gt;deny(array('view', 'index', 'moveup'));
            $this-&gt;redirect(array('controller' =&gt; 'employer', 'action' =&gt; 'index'));
        }
    }

    public function isAuthorized($user) {
        return true;
    }

    public function index() {
        $this-&gt;set('topics', $this-&gt;Topic-&gt;children());
    }
}
</code></pre>
<p>If the admin URL is <strong>www.example.com/admin/topics</strong>, Employer is redirected to <strong>www.example.com/admin/employer</strong>, which is not the right URL to be redirected to.</p>
<p>I also want to know about <code>public $scaffold = 'admin';</code> as it's a little unclear to me. Please help me.</p>
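An added illustration, not part of the original question and not CakePHP code: a framework-free PHP model of the order in which CakePHP 2.x's AuthComponent evaluates a request (the `allow()` list, then login state, then `isAuthorized()`), run against the two `isAuthorized()` rules posted above. The `decide()` helper, the sample users and the `admin_index` action name (assuming `admin` prefix routing) are constructed for the example.

```php
<?php
// Added illustration: a framework-free model, not CakePHP code.

// Order modelled on CakePHP 2.x AuthComponent: allow() list first,
// then login state, then the controller's isAuthorized().
function decide(array $allowed, callable $isAuthorized, ?array $user, string $action): string
{
    if (in_array($action, $allowed, true)) {
        return 'public';   // allow()ed actions skip login and isAuthorized()
    }
    if ($user === null) {
        return 'login';    // anonymous users are sent to loginAction
    }
    return $isAuthorized($user) ? 'granted' : 'denied';
}

// TopicsController::isAuthorized() as posted: every logged-in user passes.
$override = function (array $user): bool {
    return true;
};

// AppController::isAuthorized() as posted: admin only, default deny.
$parentRule = function (array $user): bool {
    return isset($user['type']) && $user['type'] === 'admin';
};

// Constructed sample data (not from the question).
$users = [
    'anonymous' => null,
    'employer'  => ['id' => 2, 'type' => 'employer'],
    'admin'     => ['id' => 1, 'type' => 'admin'],
];
$allowed = ['view', 'index', 'moveup'];   // the list passed to Auth->allow()
$actions = ['index', 'admin_index'];      // admin_index: assumed prefixed action name

foreach ($actions as $action) {
    foreach ($users as $name => $user) {
        printf(
            "%-11s %-9s override=%-7s parent=%s\n",
            $action,
            $name,
            decide($allowed, $override, $user, $action),
            decide($allowed, $parentRule, $user, $action)
        );
    }
}
```

The employer row for `admin_index` is where the two columns differ: the override grants the request, while the inherited AppController rule denies it.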
 
