Home/ Questions/Q 6946421
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T13:33:47+00:00

All, Here I am with CakePHP ACL again. After many headaches, I was able

  • 0

All,

Here I am with CakePHP ACL again. After many headaches, I was able to get Alaxos ACL to work for me. I set group permission, etc, and it works great. However, I am having issue with one controller that does not make sense to me at all…

  • In this controller articles_controller.php it looks like beforeFilter() has not effect

In my app_controller.php I have

function beforeFilter(){
    ...
    $this->Auth->allow('display') //To make sure all my pages are plublic, like about_us
}

In all my controllers including articles_controller.php I have the following code

...
function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow('index','view');
}
....

However, when I access this controller neither the index or view actions works. I get a YOU ARE NOT AUTHORIZED TO ACCESS THAT LOCATION error. The only time that controller works is if I change the $this->Auth->allow('display') to(‘*’) in the app_controller.php‘s beforeFilter().

I am not sure what to do. Isnt $this->Auth->allow('index','view') making these 2 actions public regardless of ACL says? I am only able to access them when logged in. Same actions in other controllers work just fine. Nothing else is out of the ordinary…

What can I do, or where should I look next. Why?

===========================================================================================

And to add,

I have the following code in my articles_controller.php:

 $this->set('articles',$articles);
 $this->set('topfive_articles',$topfive_articles);
 $this->set('other_articles',$other_articles);
 $this->set('categories',$categories);

If I comment all those out, AUTH now gives me access to the action/view, but it displays undefined variable errors. Also, if I comment out, ie. 3 of 4, nothing happens. I only get thru if I comment out all 4 variables….

I have not idea what is going on…

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    ================================================================================

    After many hours of researching and trying I came to a simple conclusion that was so obvious that I am not sure why I missed it.

    In articles_controller.php I have other actions besides index, view, edit, delete, admin_xxx. I have among others getArticleComments, mostViewedArticle

    I am not sure if it is the correct way, most likely it is not, but I use requestAction to process these actions and most into an ELEMENT which is displayed in the view.

    I basically had to tell Auth to allow these actions to be public as well as the index and view.

    $this->Auth->allow(
            'index',
            'view',
            'getTotalComments',
            'mostComments',
            'childrenComments',
            'getRelated',
            'getArticleComments',
            'mostViewed'
     );

    Voila! As soon as I did that, problem solved… WOW!

    • 0