[Top] [All Lists]

Re: isAuthorized() is never called

Subject: Re: isAuthorized() is never called
From: daf182
Date: Thu, 29 Mar 2012 12:42:10 -0700 PDT

I wrote this code moths ago:
abstract class AppController extends Controller {

    public $components = array(
        'Auth' => array(
            'loginRedirect' => array('controller' => 'pages', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'abouts', 'action' => 'index'),
            'authorize' => array('Controller'),
            'authError' => "You are not authorized to view this page."

    function beforeFilter() {
        $this->set('userId', $this->Auth->user('id'));
        $this->set('userRole', $this->Auth->user('role'));
        $this->set('userName', $this->Auth->user('username'));
        $this->set('isLoggedIn', $this->Auth->loggedIn());

    public function isAuthorized($user) {
        if (isset($user['role']) && $user['role'] === 'admin') {
            return true; //Admin can access every action
        return false; // The rest don't

2012. mÃrcius 28., szerda 15:09:03 UTC+2 idÅpontban Sony a kÃvetkezÅt Ãrta:

When I run a action, the access is refused because the method
isAuthorized() is never called.

AppController :


class AppController extends Controller {

        public $helpers = array ('Html', 'Form', 'Session', 'Time');

        public $components = array('Session', 'Auth');

        public function beforeFilter()
                $this->Auth->userModel = 'User';
                $this->Auth->fields = array('username' => 'username', 'password' =>
                $this->Auth->loginAction = array('controller' => 'users', 'action'
=> 'login');
                $this->Auth->loginRedirect = '/';
                $this->Auth->loginError = 'Nom d\'utilisateur ou mot de passe
                $this->Auth->logoutRedirect = '/';
                $this->Auth->authError = 'Vous n\'avez pas accÃs à cette page.';
                $this->Auth->autoRedirect = true;
                $this->Auth->authorize = 'controller';


        public function isAuthorized($user = null)
                return true;

My others controllers do not implement beforeFilter or isAuthorized.

Our newest site for the community: CakePHP Video Tutorials
Check out the new CakePHP Questions site and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@xxxxxxxxxxxxxxxx For more options, visit this group at
<Prev in Thread] Current Thread [Next in Thread>