ACL in plugin cakephp application

Question

I started creating plugin for my application, and I encountered one problem. Since application is ACL controlled it's seems that that applies to plugin also.

I want some actions of plugin to be accessible only to registered users and others to everyone. The problem is that I get redirected to plugin.UsersController's login action. I dont have that controller in my plugin.

Any ideas how to solve this?

Answer 1

Array urls and CakePHP routing

AuthComponent::$loginRedirect is the url to redirect users to to login. If it's defined as an array, it will obey the normal routing rules for CakePHP that is:

$url = Router::url(array(
    'action' => 'index'
));

This is the current route-prefix, plugin and controller - with the action index

$url = Router::url(array(
    'controller' => 'foos', 
    'action' => 'index'
));

This is the current prefix and plugin - with the controller foos and the action index

$url = Router::url(array(
    'plugin' => null, 
    'controller' => 'foos', 
    'action' => 'index'
));

This is the current prefix - with no plugin, the controller foos and the action index

$url = Router::url(array(
    'prefix' => null, 
    'plugin' => null, 
    'controller' => 'foos', 
    'action' => 'index'
));

This defines all defaults - no route prefix, no plugin, the controller foos and the action index

Configure Auth appropriately

Therefore, to configure the auth redirect - just ensure to define the plugin and routing prefix:

public function beforeFilter() {
    $this->Auth->loginRedirect = array(
        'prefix' => null,
        'plugin' => null,
        'controller' => 'users',
        'action' => 'login'
    );

    parent::beforeFilter();
}

OR define it as a string:

public function beforeFilter() {
    $this->Auth->loginRedirect = '/users/login';

    parent::beforeFilter();
}