using Auth::hasRole() about cakephp-tinyauth HOT 9 CLOSED

The main reason is that the session is not static access anymore in 3.x, as such you need to pass it in manually now.

from cakephp-tinyauth.

But if you use the component or helper, it should be done for you, and you can use the same nice wrapping as before: `$this->AuthUser->hasRole()``.
Those are currently part of the tools plugin, where the Auth part should be as well (or?), as this seems to be quite more specific than the tinyauth itself.

from cakephp-tinyauth.

Hello!

Thanks for your answer. I just testet using AuthUser but something is wrong.

I put $this->loadComponent('Tools.AuthUser'); after loading TinyAuth and tried debug($this->AuthUser->hasRole( ROLE_MEMBER )); afterwards resulting in false when it should be true.

In auth.php (which i loaded in bootstrap.php) is the following defined:

define('ROLE_MEMBER', 1);
define('ROLE_OFFICE', 2);

return [
    'Roles' => [
        'office' => ROLE_OFFICE,
        'member' => ROLE_MEMBER,
    ],
];

Every definition in acl.ini works perfectly.

It seems that there is an error in AuthUserTrait::roles(). The call to $roles = $this->user(USER_ROLE_KEY); returns null. If I replace it for example with $roles = $this->user('role_id'); it works.

Am I doing something wrong?

Thanks,
Bernhard

from cakephp-tinyauth.

Sure you defined USER_ROLE_KEY?
As the code shows it defaults to define('USER_ROLE_KEY', 'Roles') for non-db config.

from cakephp-tinyauth.

Mmmh, I thought this is handled like a linked model and translated somewhere to role_id ...?

What about this comment? Says like it sould be role_id ...?

from cakephp-tinyauth.

Just define it as you need it in your bootstrap :)

define('USER_ROLE_KEY', 'role_id')

from cakephp-tinyauth.

It works! Thanks!

I was wondering if you could give me some advice? Using TinyAuth I need to check for ACL rights given in acl.ini. Right now I'm using a custom component llike this:

class AclComponent extends Component {
    public function check ( $controllerName, $action, $plugin = null )  {
        $request = new Request();
        $request->addParams( [ 'controller' => $controllerName, 'action' => $action, 'plugin' => $plugin ] );
        return $controller = $this->_registry->getController()->Auth->isAuthorized( null, $request );
    }
}

Is this ok? Or is there a better way I'm not seeing ...?

Thanks!

from cakephp-tinyauth.

cool.
Feel free to PR docs adjustments so other people know what to do :)

Well, the acl was never intended to be used like this. So if it works, I guess its fine.
There might be refactoring possible that could make it cleaner or easier, though.
If you have suggestions let me know.

from cakephp-tinyauth.

Mmmh. I guess adding this functionality to TinyAuthorize.php would be a good idea. What do you think about a wrapper aroung TinyAuthorize::authorize($user, Request $request)?

from cakephp-tinyauth.