Re: How do i restrict access to the Admin Page

On Sun, Jan 9, 2011 at 10:24 AM, tubiz <tayinla@gmail.com> wrote:
> Please i am already done creating a CakePhp Application but the
> problem i am having presently is how to restrict users access to the
> admin area. I am using the users table both for my site users and also
> for the administrator as well. I have already created a field called
> role in the Users table and i have given the administrator the role of
> admin.
> Please how do i allow access to the administrator area to only the
> users who have an admin role.

Put this in AppController::beforeFilter() method:

$this->Auth->authorize = 'controller';

And add this mehtod:

function isAuthorized()
{
if (isset($this->params['prefix']) && $this->params['prefix'] == 'admin')
{
if ($this->Auth->user('role') != 'admin')
{
return false;
}
}
return true;
}

And, if you need finer control for certain controllers:

function isAuthorized()
{
if (parent::isAuthorized())
{
// do other checks, return true or false as necessary
}
return false;
}

But see the examples here:
http://book.cakephp.org/view/1275/authorize

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en