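/**
 * Base controller shared by the application's controllers.
 *
 * Configures form-based authentication through the Auth component and
 * provides a default authorization check that only lets users whose role
 * is "ADMIN" (compared case-insensitively) through.
 */
class AppController extends Controller
{
    public $components = ['Flash'];

    /**
     * Loads the Flash and Auth components.
     *
     * Authorization is delegated to isAuthorized() on the controller
     * ('authorize' => ['Controller']); credentials come from the login form
     * and are checked against the Users model.
     *
     * @return void
     */
    public function initialize()
    {
        parent::initialize();

        $this->loadComponent('Flash');
        $this->loadComponent('Auth', [
            'authorize' => ['Controller'],
            //'unauthorizedRedirect' => false,
            //'authError' => 'No autorization',
            'loginRedirect' => [
                'controller' => 'Notas',
                'action' => 'menu',
            ],
            'logoutRedirect' => [
                'controller' => 'Estados',
                'action' => 'index',
            ],
            'loginAction' => [
                'controller' => 'Users',
                'action' => 'login',
            ],
            'authenticate' => [
                'Form' => [
                    // The comma after 'userModel' was missing in the original,
                    // which made the whole file fail to parse.
                    'userModel' => 'Users',
                    'fields' => ['username' => 'username', 'password' => 'password'],
                ],
            ],
        ]);
    }

    /**
     * Marks the actions that may be reached without logging in.
     *
     * @param Event $event The event passed in by the framework.
     * @return void
     */
    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);

        // NOTE(review): this allow-list is inherited by every controller that
        // extends AppController, so any 'index', 'view', 'display' or 'nota'
        // action becomes reachable without authentication unless the child
        // controller restricts it again. Confirm that is intended for
        // controllers holding sensitive data (e.g. a user listing).
        $this->Auth->allow(['index', 'view', 'display', 'nota']);
    }

    /**
     * Decides whether the given user may run the requested action.
     *
     * Denies by default: only a non-empty user whose role is "ADMIN"
     * (case-insensitive) is authorized.
     *
     * @param array|null $user The user data to check; falls back to the role
     *                         held by the Auth component when it carries no role.
     * @return bool True when the user is an admin, false otherwise.
     */
    public function isAuthorized($user = null)
    {
        if (empty($user)) {
            return false;
        }

        $role = isset($user['role']) ? trim($user['role']) : '';
        if (empty($role)) {
            // Cast so a missing role (which may come back as null) is treated
            // as "no role" instead of being passed to strtoupper() as null.
            $role = (string)$this->Auth->user('role');
        }

        // Anything that is not explicitly ADMIN is rejected.
        return strtoupper($role) === 'ADMIN';
    }
}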
- ------------------------------------------------------------------------------------------------------------------------
- Users controller
- <?php
- // src/Controller/UsersController.php
- namespace App\Controller;
- use App\Controller\AppController;
- //use Cake\Controller\Controller;
- use Cake\ORM\TableRegistry;
- use Cake\ORM\Table;
- use Cake\Event\Event;
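/**
 * Handles login and logout for the application's users.
 */
class UsersController extends AppController
{
    // NOTE(review): 'Flash' and 'Auth' are already loaded by
    // AppController::initialize(); confirm they need to be listed again here.
    public $components = ['Paginator', 'Flash', 'Auth'];

    public $paginate = [
        'Users' => [
            'limit' => 25,
            'order' => [
                'Users.nombre' => 'asc',
            ],
        ],
    ];

    /**
     * Runs the shared setup and selects the admin layout.
     *
     * @return void
     */
    public function initialize()
    {
        parent::initialize();
        $this->viewBuilder()->layout('admin_template');
    }

    /**
     * Makes the logout action reachable without an authorization check.
     *
     * @param Event $event The event passed in by the framework.
     * @return void
     */
    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);
        $this->Auth->allow(['logout']);
    }

    /**
     * Uses the admin-only rule inherited from AppController.
     *
     * @param array|null $user The user data to check.
     * @return bool
     */
    public function isAuthorized($user = null)
    {
        return parent::isAuthorized($user);
    }

    /**
     * Shows the login form and, on POST, checks the submitted credentials.
     *
     * On success the user is stored through the Auth component and the
     * browser is redirected to the URL the component provides. On failure a
     * flash error is set and the form is shown again.
     *
     * @return mixed The redirect response after a successful login, otherwise nothing.
     */
    public function login()
    {
        if ($this->request->is('post')) {
            $user = $this->Auth->identify();
            if ($user) {
                $this->Auth->setUser($user);

                return $this->redirect($this->Auth->redirectUrl());
            }

            // One message for every failure, so the form does not reveal
            // whether the username or the password was the wrong part.
            $this->Flash->error('Usuario y/o contraseña incorrecto.');
        }
    }

    /**
     * Logs the current user out and redirects to the configured logout URL.
     *
     * @return mixed The redirect response.
     */
    public function logout()
    {
        // Call logout() once and reuse the URL it returns; the original
        // called it a second time just to obtain the redirect target.
        $logoutUrl = $this->Auth->logout();
        $this->Flash->success('Se ha cerrado la sesion con exito...');

        return $this->redirect($logoutUrl);
    }
}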
- ?>
- --------------------------------------------------------------------------------------
- NotasController
- <?php
- namespace App\Controller;
- use App\Controller\AppController;
- use Cake\Event\Event;
- //use Cake\Controller\Controller;
- use Cake\ORM\TableRegistry;
- use Cake\ORM\Table;
- use Cake\Utility\Inflector;
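/**
 * Controller for the "Notas" section; every action is restricted to admins.
 */
class NotasController extends AppController
{
    public $components = ['Paginator'];

    public $paginate = [
        'Notas' => [
            'limit' => 25,
            'order' => [
                'Notas.fecha' => 'asc',
            ],
        ],
    ];

    /**
     * Runs the shared setup and selects the admin layout.
     *
     * @return void
     */
    public function initialize()
    {
        parent::initialize();
        $this->viewBuilder()->layout('admin_template');
    }

    /**
     * Blocks the request unless the logged-in user passes isAuthorized().
     *
     * Authorized users get the 'auth_user' view variable; everyone else gets
     * a flash error and is redirected to the login action.
     *
     * @param Event $event The event passed in by the framework.
     * @return mixed Null when the request may continue, otherwise the redirect response.
     */
    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);

        $authUser = $this->Auth->user();
        if ($this->isAuthorized($authUser)) {
            // allow() without arguments opens every action of this controller
            // for the current request; it is only reached after the role
            // check above has passed.
            $this->Auth->allow();
            $this->set('auth_user', $authUser);

            return null;
        }

        $this->Flash->error("Not allowed");

        // Return the redirect so the framework stops here. The original
        // discarded the response, which let the requested action keep
        // running for a user who had just been rejected.
        return $this->redirect(['action' => 'login', 'controller' => 'users']);
    }

    /**
     * Hook before the view is rendered; only runs the parent implementation.
     *
     * @param Event $event The event passed in by the framework.
     * @return void
     */
    public function beforeRender(Event $event)
    {
        parent::beforeRender($event);
    }

    /**
     * Authorizes admins directly and defers every other case to AppController.
     *
     * @param array|null $user The user data to check.
     * @return bool True when the user may proceed.
     */
    public function isAuthorized($user = null)
    {
        if (empty($user)) {
            // The debug echo that used to sit here was removed: it wrote to
            // the output before the response headers, which can interfere
            // with the redirect and cookies sent afterwards.
            return false;
        }

        $role = isset($user['role']) ? $user['role'] : '';
        if (empty($role)) {
            $role = $this->Auth->user('role');
        }

        // Cast guards against a missing role; strict comparison avoids
        // type juggling on a security decision.
        if (strtoupper((string)$role) === 'ADMIN') {
            return true;
        }

        return parent::isAuthorized($user);
    }

    /**
     * Menu action; has no logic of its own in this listing.
     *
     * @return void
     */
    public function menu()
    {
    }
}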
- ?>