RSS
 

Leave a Reply

Tip:
If you need to post a piece of code use {code type=php}...{/code}.
Allowed types are "php", "mysql", "html", "js", "css".

Please do not escape your post (leave all ", <, > and & as they are!). If you have encoded characters and need to reverse ("decode") it, you can do that here!
 

 
  1. Mark

    February 24, 2014 at 20:02

    Hi there,

    I have been trying to get this going for a few hours now. I wonder if I am missing something obvious.

    Authentication is working fine without your plugin (with no roles). I am using a role model with containable. My array looks like this:

    [code type=php}
    array(
    'User' =&gt; array(
    'id' =&gt; '1',
    'username' =&gt; 'mark',
    'Role' =&gt; array(
    (int) 0 =&gt; array(
    'id' =&gt; '1',
    'alias' =&gt; 'Superadmin',
    'RolesUser' =&gt; array(
    'id' =&gt; '1',
    'role_id' =&gt; '1',
    'user_id' =&gt; '1'
    )
    ),
    (int) 1 =&gt; array(
    'id' =&gt; '2',
    'alias' =&gt; 'Owner',
    'RolesUser' =&gt; array(
    'id' =&gt; '2',
    'role_id' =&gt; '2',
    'user_id' =&gt; '1'
    )
    )
    )
    )
    )
    {/code}

    I've done a bit of debugging here and there and can confirm the values are being loaded from the acl.ini file. But as soon as I enable the plugin using

    ($this->Auth->authorize = array('Tools.Tiny');

    I get stuck in a redirect loop.

    My component array looks like this:

    'Auth' => array(
    	    'loginRedirect' => array(
                    'controller' => 'dashboard',
                    'action' => 'index'
                ),
                'logoutRedirect' => array(
                    'controller' => 'users',
                    'action' => 'login'
                ),	    
    	    'authenticate' => array(
    		'Form' => array(
    		    'contain' => array('Role')
    		)
    	    )
    	)

    Any tips?

    Many thanks in advance, Mark

     
  2. Mark

    February 24, 2014 at 20:02

    Here is that array again with proper formatting:

    array(
    	'User' => array(
    		'id' => '1',
    		'username' => 'mark',
    		'Role' => array(
    			(int) 0 => array(
    				'id' => '1',
    				'alias' => 'Superadmin',
    				'RolesUser' => array(
    					'id' => '1',
    					'role_id' => '1',
    					'user_id' => '1'
    				)
    			),
    			(int) 1 => array(
    				'id' => '2',
    				'alias' => 'Owner',
    				'RolesUser' => array(
    					'id' => '2',
    					'role_id' => '2',
    					'user_id' => '1'
    				)
    			)
    		)
    	)
    )
     
  3. Mark

    February 24, 2014 at 20:20

    How does your acl.ini look like?
    Did you try to debug the TinyAuth class where exactly it breaks?
    Also make sure you are using the current master (head).

     
  4. Mark

    February 24, 2014 at 21:04

    Hi Mark,

    Thanks for such a quick response!

    I have tried fiddling with the ini quite a bit, it currently looks like this:

    [People]
    * = Superadmin
     
    [Companies]
    * = Superadmin
    index = *

    I downloaded your whole Tools plugin from github just today, so presumably it is the most recent version.

    I have been debugging the TinyAuthorize.php file, trying to figure out where it gets to. I got as far as debugging the $iniArray var (which contained my ini statements), and $availableRoles which contains all the roles in my database.

    I will try some more debugging tomorrow.

    Many thanks again,
    Mark

     
  5. Mark

    February 25, 2014 at 10:34

    You seem to have a multi-role setup (instead of a single belongsTo relation, did you configure Tiny appropriately?

    Note that there is a test case that seems to proof that your exact array setup in the session should work just fine.
    Maybe you can write test case that disproves that?

     
  6. Nils

    April 27, 2015 at 19:03

    Thanks for your work! A noob question: I am looking for a solution where I don't authorize users for a whole action but e.g. I wan't users in all index-actions only to see those model-instances that are bound to their userid. Does TinyAuth the trick or would it be better to use some magic from within the cakephp framework?

     
  7. Mark

    April 27, 2015 at 19:05

    I would probably do that as inline checks, usually this is often just a condition to append to the find() call you are doing anyway.

     
  8. Nils

    April 27, 2015 at 19:20

    Thanks for the fast reply!! I will try that. :)

     
  9. Marco

    May 11, 2015 at 18:36

    Hi! I've got a relation HABTM (One User – Many Roles), but this plugin doesn't work! :(

    When I debug User Session data, it looks like

    array(
    	'User' => array(
    		'id' => '9',
    		'username' => 'falco',
    		'email' => '*******@*****.com',
    		'created' => '2015-05-11 14:07:01',
    		'modified' => '2015-05-11 17:24:57',
    		'Role' => array(
    			(int) 0 => array(
    				'id' => '12',
    				'alias' => 'Admin',
    				'name' => 'Admin',
    				'created' => null,
    				'modified' => '2015-05-11 17:06:05'
    			),
    			(int) 1 => array(
    				'id' => '13',
    				'alias' => 'User',
    				'name' => 'User',
    				'created' => null,
    				'modified' => '2015-05-11 17:06:15'
    			),
    			(int) 2 => array(
    				'id' => '14',
    				'alias' => 'Superadmin',
    				'name' => 'Superadmin',
    				'created' => null,
    				'modified' => '2015-05-11 17:06:22'
    			)
    		)
    	)
    )

    and I configured the AppController like this

    public $components = array(
    		'Acl',
    		'Session',
    		'DebugKit.Toolbar',
    		'Auth'=>array(
    			'loginRedirect'=>array('controller'=>'pages','action'=>'display','home'),
    			'logoutRedirect'=>array('controller'=>'pages','action'=>'display','home'),
    			'authenticate'=>array('Form'=>array('contain'=>'Role')),
    			'authorize'=>array(
    				'Tools.Tiny'=>array(
    					'aclModel' => 'Role',
    					'superadminRole' => 14,
    				)
    			),
    			'authError' => 'Did you really think you are allowed to see that?',
    		)
    	);

    I've got a 'users' table and a 'roles' table, and a 'roles_users' join table with a hasAndBelongsToMany relationship that works (join table is populated successfully).

    What am I doing wrong? :(

     
  10. Mark

    May 11, 2015 at 18:43

    Well, the session data looks right. And the config too,
    see the test case ( https://github.com/dereuromark/cakephp-tools/blob/master/Test/Case/Controller/Component/Auth/TinyAuthorizeTest.php#L179 ) which covers exactly that.

    What exactly doesnt work?
    Is the access not granted? Maybe there is a different error here.
    Try to debug it where exactly it fails.