I am having a hard time finding assistance on securing my application. I want to create a role based system, in CakePHP, that would allow me to assign users to a role(s), assign permissions to a role, and use the roles to control who can see/do what on my application. I recall there being something you could use in CakePHP 2.X but I can't find anything in 3.0. Is this still supported? Is there a recommended way to do this? In particular, I need to know the table structure, so I can add them to my database diagram.
thanks
You may want to use TinyAuth plugin by dereuromark or the official ACL plugin by cakephp.
The ActionsAuthorize & CrudAuthorize adapter available in CakePHP 2.x
have now been moved to a separate plugin cakephp/acl.
https://book.cakephp.org/3.0/en/controllers/components/authentication.html#authorization
Related
I have installed phpbb3 version in my cakephp application. I want to use same login for phpbb which is used in my cake application. But I am getting issues in it.
I have used this component PhpBB3 APi Bridge but it gives error that cannot redeclare user class. I am using User class in my application and cannot modify it. It seems phpbb also use User class.
After reading on net, I am inserting direct values in phpbb_session table and saving sid cookie but it's not logging in the user to phpbb forum.
I have searched alot but could not find any workable solution. Any help will be highly appreciated.
Thanks in advance.
Hi I am Confused at creating the ARO users and groups and in which controller they
are defined
Please help me Thanks in Advance
ACL in general can get confused and complicated. Most times ACL is overkill for most APPs we develop anyway. I think Role Base Authentication with admin routing is much easier to setup and is enough for most situations. On my first CakePHP I developed, I used ACL, but did not actually need it, although it was a good learning opportunity. I am currently upgrading/redesigning to 2.0 and I am using role based for that site, with admin and members.
If you are trying to learn, I would say go for it and use the following CakePHP tutorial: CakePHP Simple Acl Controller Application Tutorial. To manage it, it can be very difficult. I would suggest the following plugin: Alaxos - Plugin ACL 2.0. The down side with this, is that is takes a long time to process when you need to make a simple change like adding a function to an existing controller, that might not be worth it, specially if you are using shared hosting with execution limition.
Bottom line: Use it if you REALLY/ABSOLUTELY need for your site. If not stay away from ACL.
I have a hard question. I'd like the joomla login does not use its own database for users/password but I want to use my database users with my table fields, my passwords etc..
I don't know from where start, I thought I could edit database request for login to my db or create a little script to automatically add the users on joomla database.
I tried to see components/com_users/views/login/tmpl/default_login.php but it seems that there is nothing.
Can someone help me figure out what to change?
Maybe the simple thing is import my database users into database user joomla, is there any plugin or something else that you know?
p.s. I use Clarion theme build on Gantry framework, Joomla! 2.5.6 Stable, PHP 5.2.17
I would suggest that you find or create an authentication plugin that does this for you. Joomla can support multiple authentication systems.
Have a look at creating an Authentication Plugin for Joomla 1.5. The basic idea is described there.
I am trying to develop a store locator script. May exist for WordPress however, after they are installed, no matter who logs into WordPress, each user is adding/deleting entries inside that one database of addresses.
I would like to have it so that each user belongs to a group/company. When they login to WordPress, they can only see their entries in the database.
What would be the best way to implement this?
Implement the stores as custom post types and do not give your regular users the capability edit_others_posts.
WordPress will then not show stores from other users, you don't have to do anything else.
I have a joomla instance and a cakephp instance in my site. What I want is to have a single login form for both the joomla and the cake instance.
Is this possible? Possibly there is a plugin that allows this?
You could use a Joomla-CakePHP bridge to execute Cake app in your Joomla instance.
If you want the two to work separately I think you can set up an authentication in Cake to user Joomla database and the data stored there when you are authenticating users.
You can achieve your task using session cookies.
Be aware that Joomla! writes by default session's data in database not in file
This link can help you to figure out how to proceed.