Shaunak Shukla

Reputation: 2347

Restricting and redirecting other users from admin in CakePHP

I'm getting an issue after logging in to the site. There are two kinds of users, i.e. 'admin' and 'employer'. When I'm logged in as an employer, I can access the restricted admin area. Below is the AppController of the site.

class AppController extends Controller {
    public $helpers = array('Form', 'Html', 'Js', 'Time', 'Auth');

    // Change template extension to .php instead of .ctp
    var $ext = '.php';
    public $components = array(
        'Session',
        'Auth' => array(
            'loginAction' => array(
                'controller' => 'users',
                'action' => 'login'
            ),
            'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
            'authenticate' => array('Form' => array('fields' => array('username' => 'email'))),
            'authorize' => array('Controller')
        )
    );

    public function isAuthorized($user) {

        // Admin can access every action
        if (isset($user['type']) && $user['type'] === 'admin') {
            return true;
        }

        // Default deny
        return false;
    }

    public function beforeFilter() {
        $this->Auth->allow(array('view', 'index', 'assessment', 'question'));
    }
}

Now here is the controller which has methods for admin.

class TopicsController extends AppController {

    public $scaffold = 'admin';

    public function beforeFilter() {

        if ($this->Auth->user('type') != 'employer') {
            parent::beforeFilter();
            $this->Auth->allow(array('view', 'index', 'moveup'));
        } else {
            $this->Auth->deny(array('view', 'index', 'moveup'));
            $this->redirect(array('controller' => 'employer', 'action' => 'index'));
        }

    }

    public function isAuthorized($user) {
        return true;
    }

    public function index() {
        $this->set('topics', $this->Topic->children());
    }

}

If the admin URL is www.example.com/admin/topics, the employer is redirected to www.example.com/admin/employer, which is not the right URL to redirect to.

I also want to know about public $scaffold = 'admin'; as it's a little unclear to me. Please help me.

Upvotes: 2

Views: 1960

Answers (1)

Shaunak Shukla

Reputation: 2347

OK, I found one way to redirect, which solved my issue for now. I'm still looking for a proper answer if anybody has one.

I changed code from

$this->redirect(array('controller' => 'employer' , 'action' => 'index'));

to

$this->redirect('employer');

EDIT: Thanks Alex, I've used

$this->redirect(array('controller' => 'employer' , 'action' => 'index', 'admin'=>false));

and it's working too.

Upvotes: 3
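The redirect fix above changes where an employer lands, but the access decision in the question still lives in a per-controller `beforeFilter()` test for "not employer" plus an `isAuthorized()` that always returns true. The sketch below is an added example, not code from the question or the answer: it moves the decision into `AppController::isAuthorized()` as an allowlist keyed on the admin prefix. It assumes CakePHP 2.4 or later with `admin` listed in `Routing.prefixes`, and the rule for non-prefixed routes is an illustrative policy.

```php
<?php
// Added example. Assumes CakePHP 2.4+ and
// Configure::write('Routing.prefixes', array('admin')) in core.php.
App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array(
        'Session',
        'Auth' => array(
            'loginAction' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
            'loginRedirect' => array('controller' => 'users', 'action' => 'index', 'admin' => false),
            'logoutRedirect' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
            'authenticate' => array('Form' => array('fields' => array('username' => 'email'))),
            'authorize' => array('Controller'),
            // Target for a logged-in user that isAuthorized() rejects.
            // 'admin' => false drops the prefix: /employer, not /admin/employer.
            'unauthorizedRedirect' => array('controller' => 'employer', 'action' => 'index', 'admin' => false),
        ),
    );

    public function beforeFilter() {
        // Public actions exist only outside the admin prefix.
        if (empty($this->request->params['admin'])) {
            $this->Auth->allow(array('view', 'index', 'assessment', 'question'));
        }
    }

    // Called for every logged-in user on any action not opened with allow().
    public function isAuthorized($user) {
        $type = isset($user['type']) ? $user['type'] : null;
        if (!empty($this->request->params['admin'])) {
            // Admin-prefixed route: allow by role, never by "is not employer",
            // so a missing or unknown type is rejected as well.
            return $type === 'admin';
        }
        // Non-prefixed route (illustrative policy): known user types only.
        return in_array($type, array('admin', 'employer'), true);
    }
}

// In its own controller file. It inherits the check above and must not
// override isAuthorized() with an unconditional "return true".
class TopicsController extends AppController {
    // Scaffolded actions are generated only under the admin prefix
    // (admin_index, admin_view, ...), reachable at /admin/topics.
    public $scaffold = 'admin';
}
```

A quick check after deploying a change like this is to request an `/admin/...` URL once as an employer and once with no session, and confirm that neither request renders the admin view.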
