cakephpaccess-controlcakephp-3.xrbac
how to create user role wise access control in user and role table joining in cakephp 3?
user table
role table
I just want to allow access control to role table set like: ctrl_view = 1 means this role can view any controller view.
How can I set different action in different role?
Solution
Follow conventions, user_role_id should be named "role_id", role_id only "id" and user_name should be "username" or inside your Auth configuration change the default fields name use for your connection form.
public function initialize()
{
//...
$this->loadComponent('Auth', [
'loginRedirect' => [
'controller' => 'Pages',
'action' => 'welcome',
'prefix' => 'admin'
],
'logoutRedirect' => [
'controller' => 'Users',
'action' => 'login',
'prefix' => false
],
'authError' => 'Unauthorized access...',
'authenticate' => [
'Form' => [
'fields' => ['username' => 'user_name', 'password' => 'password']
]
],
'authorize' => 'Controller',
'unauthorizedRedirect' => [
'controller' => 'Pages',
'action' => 'unauthorized'
],
]);
// ...
}
and inside your Appcontroller make somtehing like this
public function isAuthorized($user)
{
if(!is_null($this->Auth->user())): // if user is logged
$action = $this->request->getParam('action'); // get name action
$this->loadModel('Roles'); // load your model Roles
$query = $this->Authorizations->find() // find inside Roles
->where([
'Roles.role_id IN' => $user['user_role_id'], // where role_id is like user_role_id of current user
'Roles.ctl_'.$action => 1 // and where ctl_[action] is set to 1
])->toArray();
if (!empty($query)): // if we find an occurence, we allow the action
return true;
else: // else we don't authorize
return false,
endif;
/* previous lines can be change with this ----> return (!empty($query)); */
else: // if user is not connected we don't allow action
return false
endif;
}
and to finish, i think it's better to use "prefix", with prefix u can simplify your authorisation process (will no prefix i allow, with prefix i check my role table), for this you have to simply add these line in the beginin of your isAuthorized function:
if (!$this->request->getParam('prefix')) {
return true;
}
Hope it helps
- PHPUnit's returnValueMap not yielding expected results
- Bake every table in CakePHP?
- Cake doesn't not bake all templates
- cakephp 4.* cake : The term 'cake' is not recognized as the name of a cmdlet
- Can an aliased query use a contain clause?
- one query for all array data! result is by separating for each id of array
- Cakephp 2.5 Postlink hiding the model attribute name at the URL
- CakePHP giving error 302 (due to sessions?) after migrating a website
- CakePHP Pagination - how to remove "page:" from url for better seo/cleaner URL
- cakePHP Pagination View
- Passing a URL to CakePdf
- CakePHP - Sanitize::clean leaving &amp and \n
- Controller logic in Element View in CakePHP
- How I can paginate custom array in CakePHP
- Cake Bake error
- Use CakePHP Http Client with Magento2 rest API search criteria
- CakePHP deletes other HABTM records on saveAll
- cakephp and https redirects
- Concatinating and Counting Fields in Cakephp
- CakePHP 3 Paginator using FIELD() in ORDER clause
- saveAll() Failing with CakePHP 2.3.1
- cakephp: export filtered data to Excel
- CakeDC Ratings Plugin - any tutorial/instructions anywhere?
- Select All Events with Event->Schedule->Date between start and end dates in CakePHP
- Cakephp: How to use migration to insert records
- Cakephp PolymorphicBehavior errors
- How to select a specific field additionally to a tables default fields?
- Action not running with CakePHP Js->submit()
- CakePHP + Facebook
- How to create new Helper that uses the TemplaterTrait in CakePHP3?