i've created a simple DNN module using MVC (based on the Christoc.com DNN 8 MVC module template from nuget), with a custom ControlKey. The purpose of this custom ControlKey is to call a specific MVC Action. For this exmaple I'll call this ControlKey "DoIt".
So, I define the ControlKey in the .dnn file:
<moduleControl>
<controlKey>DoIt</controlKey>
<controlSrc>MyApp.Modules.TestModule.Controllers/DoIt/DoIt.mvc</controlSrc>
<supportsPartialRendering>False</supportsPartialRendering>
<controlTitle>DoIt</controlTitle>
<controlType>View</controlType>
<iconFile />
<helpUrl />
<viewOrder>0</viewOrder>
<supportsPopUps>True</supportsPopUps>
</moduleControl>
The View of the module only contains a link to the custom ControlKey, formatted using NavigateURL, like so:
http://dnndev.me/TestPage/tabid/89/ctl/DoIt//mid/450/Default.aspx
When logged in as a SuperUser account, this link works and correctly executes the DoIt action.
But, when logged in as a Non-SuperUser account, even as Administrator, I get an Access Denied message.
I've tried to adjust the module and page permissions, (either inherited from the page, or at the module itself), but I can't get it to with with non-SuperUser accounts.
What I am missing? Do I need to set the permissions for this custom ControlKey somewhere?
Is there a way to find out what permission is missing?
I am going to assume since your default view works that you have an MVC controller (DnnController) name DoItController with an action method called DoIt() as well as a default view action called Index() (or something similar).
Try using the MVC Url helper to link to your DoIt action from your default view (Index.cshtml).
Do It!
The Url.Action takes as arguments:
Action name (ie: DoIt)
Controller name (ie: DoIt)
routeValues (ie: ctl=[Control Key], [otherQS args])
The rendered href looks like this:
http://801.dnndev.me/TestPage/ctl/DoIt/mid/437/controller/DoIt/action/DoIt
Related
I have the need to determine what app path my controller method will use for serving up the view before it does so. I'm using a theme but I also have many non-themed view files. I'm switching my themes based on domain name (2 domains point to the same Cake install) but need to exclude the non-themed views from rendering inside my theme.
This may sound confusing. Here's what is currently happening if a URL is accessed that does not have a theme view associated with it:
domainA.com/examples/index will render the view app/View/Examples/index.ctp with the layout from app/View/Layouts
domainB.com/examples/index will render the view app/View/Examples/index.ctp BUT with the layout from app/View/Themed/MyTheme/Layouts
This is because the "MyTheme" theme does not contain a view file for this controller-method pair (this is intentional). So I would like to instead have the following established:
domainB.com/examples/index continues to render the view app/View/Examples/index.ctp BUT INSTEAD with the layout from app/View/Layouts
This should only happen, of course, if and only if there is no view file within the "MyTheme" directory structure.
I think this is what you are looking for $this->View->viewPath.
You can use this in any controller call back function or action.
I am creating REST API using Cake resource. I have route for users:
/users
and now I want to create nested resource for users on projects
/projects/:projectId/users
However I don't want to use UsersController for this one, I want to use different controller. My routing looks like this:
$routes->resources('Users');
$routes->resources('Projects', function ($routes) {
$routes->resources('Members');
});
I don't know how to set up that the route for MembersControlles is not members but users.
There are no aliases for resources from memory. The string passed to the resource is the controller name. So passing 'Members', CakePHP is going to look for the MembersController. But your Entity is obviously called User and your controller is UsersController? Which should contain your index, add, edit, delete methods for the RESTful API.
To create an alias you could try inheritance, you could create a MembersController and have it extend your UsersController?
I'm a newbie in CakePHP, please have patience with me :)
So, I'm trying to create a plugin called References. I've baked "plugin's core" through cake's console. Then I've created ReferencesController class that extends ReferencesAppController and Reference class (model) that extends ReferencesAppModel. My next step was creating action admin_index (just code to save form), it's view and a little bit validation in Reference model. To my problem, I'm unable to create any other action, ex. admin_add. When I do (I create new action and I add it's view), then I try to access it through the URL (localhost/my_project/admin/references/add), and there comes the message "Error: References.AddController could not be found.". I am not sure, what I do wrong, I don't want to create another controller, just action. Thank you
Because only the plugin index action (when plugin and controller have the same name) is directly routed.
For all others you need to verbosly add the plugin name and the controller name to the url:
/my_project/admin/references/references/add
If you had created a link to this action, the routing would have shown you that.
I followed Andrew Perkins excellent tutorial on setting up permissions in CakePHP 2.0.
My question, however, relates to how to use the allow and deny method in the Pages controller. Currently I have $this->Auth->allow('display') which allows all methods in the Pages controller to be view.
What if I only want the home page allowed but the rest denied? How do I code that?
Thanks in advance.
Make sure you have copied the PageController.php to your app/Controller folder. Then, add a beforeFilter callback method and set access based on the passed page parameter:
public function beforeFilter() {
// Use $this->request->pass to get the requested page name/id
// Decide on access with $this->Auth->allow()
}
This should solve your problem.
You can find more information on request's lifecycle in CakePHP manual. That's pretty useful stuff.
Have you tried this code?
You can out it into your PageController or into your Controller directly
$views = array ('index'); //array of view that you want allow
$this->Auth->allow($views);
I'm currently trying to add an admin mode to my cakephp site.
I followed a tutorial on the web and added a routing prefix:
Configure::write('Routing.prefixes', array('admin'));
Then I implemented login and logout functionality.
I added a admin_view.ctp and admin_index.ctp to a model where I want to restrict access. Therefore I deleted view.ctp and index.ctp and expected that only admins could view the model by using:
http://xxxx/model/admin/index
But when I entered
http://xxxx/model/index
a default view appeared that I could not disable (it allows model manipulation). Is there a standard way to disable all these default views or do I have to create a index.ctp and view.ctp that simply show error messages?
If you want to disallow certain action, you need to setup ACL, which is described here. And for authentication, in your controller you need something like this:
class SomethingsController extends AppController
{
var $components = array('Auth');
//this will allow all users access to the index
//and view methods ( but not any other)
function beforeFilter() {
$this->Auth->allow('index','view');
}
// other actions
}
Hope this helps.
Delete default controller methods: function index(), view(), add(), edit() and delete(). Removing *.ctp templates is not enough.