Reputation: 3615
I am using this tutorial to add an Authentication and Authorization component to my app.
The problem is that all the tutorials I find only assume that a user will only have one role. In the attached video, the role is simply an enum field in the users table. What I have is three tables:
I have the login process working, up to getting the roles for the logged-in user. What is the best method to do this? Does anyone know of a tutorial that includes this as well? I am using Cake 2.5.2.
I can post whatever code you might think relevant, but I have pretty much what's in the video. Also, a lot of the inner workings of the code seem to be hidden. Any suggestions would be great!
Thanks
EDIT
Below are the models for my User/Roles/Responsibilities tables that I would like added to the users object:
**User Table:**
id (pk)
first_name
last_name
username
password
**Role Table**
id(pk)
role_name
**Responsibility Table**
id(pk)
responsibility_name
**user_roles_membership**
id(pk)
role_id(fk)
user_id(fk)
**roles_responsibilities_membership**
id(pk)
roles_id(fk)
responsibility_id(fk)
Simple Cake Authentication and Authorization
Upvotes: 2
Views: 1373
Reputation: 25698
To answer that in detail would require me to write the whole code or an exhaustive article for you - I'm not going to do that. Instead I'll point you in the right direction.
When the user is logged in, fetch all associated roles and responsibilities for that user. The following code is taken from this part of the documentation (read the whole page!). I have no clue how your data is associated so I'm just guessing here.
```php
$this->Auth->authenticate = array(
    AuthComponent::ALL => array(
        'contain' => array(
            'Responsibility',
            'Role'
        )
    ),
    'Form'
);
```
Look at your session after the user is logged in now; you should see the additional data there. Use DebugKit for that, for example, or debug() the session.
Next thing is to write a customized Authorization handler that will work with that data. The documentation shows you how to do that here.
```php
App::uses('BaseAuthorize', 'Controller/Component/Auth');

class MyAuthorize extends BaseAuthorize {
    public function authorize($user, CakeRequest $request) {
        // Do things for your permission system here.
    }
}
```
Inside the authorize() method add whatever logic you need to check the permissions for your currently logged-in user, passed as the first arg, and check them against whatever you want to check in the request, passed as the 2nd arg.
All of this is pretty straightforward and well documented on this page. Again, I recommend you read the whole page. It should become obvious to you then how to get this done.
Also you might want to ask a more specific question than this very generic one in the case you encounter problems with the implementation.
Upvotes: 1
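An added example, not part of the answer above or of CakePHP itself: one way to fill in authorize() for the multi-role schema in the question, denying by default. The class name, the action-to-responsibility map, the responsibility names and the assumed session layout (roles nested under the user, responsibilities nested under each role) are all assumptions for illustration.

```php
<?php
// app/Controller/Component/Auth/ResponsibilityAuthorize.php (hypothetical file)
// Enabled in the controller with: $this->Auth->authorize = array('Responsibility');
App::uses('BaseAuthorize', 'Controller/Component/Auth');
App::uses('Hash', 'Utility');

class ResponsibilityAuthorize extends BaseAuthorize {

    // Hypothetical map of "controller/action" => responsibility_name required.
    // Any action that is not listed here is denied.
    protected $_required = array(
        'reports/index'  => 'view_reports',
        'reports/delete' => 'delete_reports',
    );

    public function authorize($user, CakeRequest $request) {
        $key = strtolower(
            $request->params['controller'] . '/' . $request->params['action']
        );

        // Default deny: an unmapped action is never allowed by omission.
        if (!isset($this->_required[$key])) {
            return false;
        }

        // Assumed layout of the logged-in user, e.g. loaded with
        // 'contain' => array('Role' => array('Responsibility')):
        //   $user['Role'][n]['Responsibility'][m]['responsibility_name']
        // Collect the responsibilities granted through every role the user has.
        $granted = Hash::extract(
            $user,
            'Role.{n}.Responsibility.{n}.responsibility_name'
        );

        // Strict comparison so values such as 0 or '' never match by type juggling.
        return in_array($this->_required[$key], $granted, true);
    }
}
```

Because the roles are read from the session copy of the user, a change to someone's roles only takes effect after that user logs in again, unless the handler reloads them from the database.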