Cakephp: Routing and default views

Question

I'm currently trying to add an admin mode to my cakephp site.

I followed a tutorial on the web and added a routing prefix:

Configure::write('Routing.prefixes', array('admin'));

Then I implemented login and logout functionality.

I added a admin_view.ctp and admin_index.ctp to a model where I want to restrict access. Therefore I deleted view.ctp and index.ctp and expected that only admins could view the model by using:

http://xxxx/model/admin/index

But when I entered

http://xxxx/model/index

a default view appeared that I could not disable (it allows model manipulation). Is there a standard way to disable all these default views or do I have to create a index.ctp and view.ctp that simply show error messages?

Answer 1

If you want to disallow certain action, you need to setup ACL, which is described here. And for authentication, in your controller you need something like this:

class SomethingsController extends AppController
{
var $components = array('Auth');

//this will allow all users access to the index
//and view methods ( but not any other)
    function beforeFilter() {
            $this->Auth->allow('index','view');
    }

// other actions
}

Hope this helps.

Answer 2

Delete default controller methods: function index(), view(), add(), edit() and delete(). Removing *.ctp templates is not enough.