I am building a site in Drupal.
I have a contextual url user/%/posts which gives me a view
Suppose there are two users with uid 1 and 2
uid 1 should be able to access only user/1/posts and not user/2/posts
Similarly with uid 2
How to do this in Drupal?
Assuming you have both Views and Views PHP enabled:
Go to your view's admin page.
Click on Page settings > Access and select the PHP option.
Check if the current logged-in user (uid) matches the uid argument from the URL.
<?php global $user; return ($user->uid == $view->args[0]); ?>
Or
global $user;
return ($user->uid == 1 || $user->uid == $argument);
for content owner & UID1 access (https://www.drupal.org/node/2325229#comment-9130871)
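An added example, not part of the original answer: the same owner-or-admin rule written as a strict check. Loose `==` compares numeric strings by value (so "01" matches uid 1), and before PHP 8 an integer uid of 0 (the anonymous user) compares equal to any non-numeric argument. `can_view_user_posts()` and its `$adminUids` parameter are hypothetical names, not Drupal or Views APIs.

```php
<?php
// Added example: strict owner check for a user/%/posts style path.
// can_view_user_posts() is a hypothetical helper, not a Drupal or Views API.

/**
 * @param int|string $currentUid uid of the logged-in account (0 = anonymous)
 * @param mixed      $pathArg    raw value taken from the URL, e.g. $view->args[0]
 * @param array      $adminUids  uids allowed to view every user's posts (assumption)
 */
function can_view_user_posts($currentUid, $pathArg, array $adminUids = array(1))
{
    $currentUid = (int) $currentUid;

    // Anonymous visitors never own a posts page.
    if ($currentUid <= 0) {
        return false;
    }
    // Accept only a canonical positive decimal integer: rejects null, "",
    // "abc", "01", "1.0", "1e0", " 1", a trailing newline and arrays.
    if (!is_string($pathArg) || preg_match('/^[1-9][0-9]*\z/', $pathArg) !== 1) {
        return false;
    }
    // Accounts listed in $adminUids may view any user's posts.
    if (in_array($currentUid, $adminUids, true)) {
        return true;
    }
    // Compare as strings so a long digit run cannot overflow an int cast.
    return (string) $currentUid === $pathArg;
}

// Constructed sample inputs: array(current uid, URL argument).
$cases = array(
    array(1, '1'), array(2, '1'), array(2, '2'), array(2, '02'),
    array(0, 'abc'), array(0, null), array(1, '2'),
);
foreach ($cases as $case) {
    list($uid, $arg) = $case;
    printf(
        "uid=%s arg=%s => %s\n",
        var_export($uid, true),
        var_export($arg, true),
        can_view_user_posts($uid, $arg) ? 'allow' : 'deny'
    );
}
```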
I am quite new to the Symfony 2 framework and I have been trying to find an inbuilt function or a FOS container service that contains information about the groups or role of the currently logged-in user. I have used the groups of FOS user bundle; each user is assigned to only one group and the role is defined on the group.
Thanks in advance.
In the Symfony session object you will have the currently logged-in user, and because the group is mapped to the user entity you can just access the group with a getter. Here is a Twig example:
{{ app.security.getToken().getUser().getGroup() }}
To get the group roles you just call the getter getRoles(); it returns the user's roles and his group's roles in the same array.
I have a website where all the pages are accessible to the public except for one Releases page, which is user specific or maybe specific to a group. I have a separate login page to gain access to the 'Releases' page based on authentication. How do I go about this? Using Acl or the Authorize function? I am very confused. Also, do I need to use the same users table for authenticating this page? In that case, do I use this User login page as an element in my other login page? Could somebody please hint me on how to proceed?
ACL is overkill for many situations.
What I normally do is something like this in my controller:
    public function releases() {
        $this->_allowedGroups(array(1,2,3));
        // rest of code here
    }
Then in my app controller:
    public function _allowedGroups($groups=array()) {
        if( !in_array($this->Auth->user('group_id'), $groups) ) {
            $this->redirect(array('controller'=>'users', 'action'=>'login'));
        }
    }
Acl should do your work.
And is there any specific need that you are using a separate login page??
A single login page and a single users table should suffice for your needs if you implement ACL. Only those users who have rights to view the Requests page will be allowed to do so.
you may do something like this..
on core.php, put
Configure::write('Routing.prefixes', array('release'));
and do the verification on the AppController:
    class AppController extends Controller{
        public function beforeFilter(){
            if (isset($this->params['prefix']) and $this->params['prefix'] == 'release'){
                if ($this->Session->read("User.type") != 'admin'){
                    //redirect the user or throw an error...
                }
            }
        }
    }
so, yourdomain.com/release/* will only be accessible by your administrators...
also, I don't see why you need two login pages... you could just put a flag on your users table saying whether the user is an admin or not... and on login, set the User.type property on the session.
if you don't need complex permissions control, I think you don't need to use ACL.
Let me explain the situation before I ask the question. I have a site, domain.com. the page sub.domain.com requires a user to be logged in to access. If I allow access to sub.domain.com/login which provides a form whose action is domain.com/login, it sends the data to domain.com/login and redirects back to sub.domain.com/login like it should. However, if I try to access sub.domain.com (which requires authentication) it redirects to domain.com/login correctly, but doesn't redirect back to sub.domain.com after logging in. I found the error to be that the redirect when not logged in wasn't sending the referrer header. Is there a way to make it so that if a user tries to access a page on a subdomain that requires authentication, that it will redirect him to domain.com/login, then back to where he originally was?
Does the redirect always need to go back to sub.domain.com? If so, I'd suggest setting the AuthComponent's loginRedirect attribute to the location you want the user to be redirected to. See this page: http://book.cakephp.org/1.3/en/view/1270/loginRedirect
Also, that page says that CakePHP automatically stores the controller-action pair you were accessing before the login in your session. So maybe you should also check whether your session is shared between the domain.com and sub.domain.com.
One final comment: what does happen after login? Are you redirected to the controller/action on domain.com or aren't you redirected at all?
NOTE: I'm assuming you're using CakePHP 1.3 and use the AuthComponent for logging users in.
Ok, it all had to do with routes. I finally was able to get it working by setting up a switch statement in my routes.php file:
    switch(Configure::read('subdomain'))
    {
        case 'subdomain':
            Router::connect('/login', array('controller'=>'users', 'action'=>'login'));
    }
And set up my bootstrap like so:
    preg_match('/^(?:www\.)?(?:(.+)\.)?(.+\..+)$/i', env('HTTP_HOST'), $matches);
    $subdomain = empty($matches[1]) ? false : $matches[1];
    if( strlen($subdomain) > 0 && $subdomain != "www" )
    {
        if($subdomain == 'api')
            $_GET["url"] = $subdomain . "/" . (isset($_GET["url"]) ? $_GET["url"] : "");
        Configure::write('subdomain', $subdomain);
    }
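An added example, not part of the original posts: however the original location is carried through domain.com/login (Referer header, query parameter or session), it should be checked against an allow-list before the post-login redirect. `safe_return_url()`, the host list and the https-only rule are assumptions made for this sketch.

```php
<?php
// Added example: validate a post-login return URL against an allow-list.
// safe_return_url() and $allowedHosts are hypothetical names.

function safe_return_url($candidate, array $allowedHosts, $default = '/')
{
    if (!is_string($candidate) || $candidate === '') {
        return $default;
    }
    // Control characters, spaces and backslashes are parsed inconsistently.
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $candidate) === 1) {
        return $default;
    }
    // Local path: exactly one leading slash ("//host" is scheme-relative).
    if ($candidate[0] === '/') {
        $schemeRelative = strlen($candidate) > 1 && $candidate[1] === '/';
        return $schemeRelative ? $default : $candidate;
    }
    $parts = parse_url($candidate);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return $default;
    }
    // Assumption: the sites are served over https only.
    if (strtolower($parts['scheme']) !== 'https') {
        return $default;
    }
    // Refuse credentials in the authority part (user@host).
    if (isset($parts['user']) || isset($parts['pass'])) {
        return $default;
    }
    // Exact host match only; no suffix or substring tests.
    if (!in_array(strtolower($parts['host']), $allowedHosts, true)) {
        return $default;
    }
    return $candidate;
}

// Constructed sample inputs using the host names from the question.
$allowed = array('domain.com', 'sub.domain.com');
$samples = array(
    'https://sub.domain.com/reports',        // kept
    '/users/profile',                        // kept (local path)
    '//other.example/x',                     // replaced by default
    'https://sub.domain.com.other.example/', // replaced by default
    'https://domain.com@other.example/',     // replaced by default
);
foreach ($samples as $url) {
    printf("%-40s => %s\n", $url, safe_return_url($url, $allowed, '/'));
}
```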
I'm creating an authentication system for a group of websites. The problem is that I have to use a pre-existing Database, which has a users table already full of entries, and that one user can have several accounts. Basically, a user has one account per website he has access to (it's not the best way to do this, but I can't change it). Each account is represented by an entry in the users table, with login, password, name... and the important field: website_id. This field tells the system what website that account has access to.
The big problem is that some users with more than one account have the exact same login/password information for all of them. For example, one user has 3 accounts:
account1: login = charly / pwd = 1234 / name = Charles ... website_id = 1
account2: login = charly / pwd = 1234 / name = Charles ... website_id = 2
account3: login = charly / pwd = 1234 / name = Charles ... website_id = 3
So if he goes to the website that has id = 2 and uses those credentials, he's granted access. If he goes to the website that has id = 4, he's denied access.
My problem is that since CakePHP does the login automatically, when a user tries to login, CakePHP checks only the first entry in the Database that matches the login/password submitted in the form. So if a user is currently in the website with website_id = 3 and tries to login, Cake finds the first entry (account1), compares its website_id (1 in this case) to the current website's id (3), and since they're different, the access is not granted, but it should. _Please note that the comparison of the website_id vs the account's website_id is already being made manually in the login() function_.
This is what the login() function looks like now:
    function login() {
        $userInfo = $this->Auth->user();
        if ( isset($userInfo) ) {
            if ($userInfo['User']['website_id'] == $this->website_id) {
                //Users gets access to a website that he has an account for
            }
            else {
                //User is denied access because his account is not registered for the current website
                $this->Session->destroy();
                $this->Session->setFlash(__('You don\'t have access to this website', true));
                $this->redirect($this->Auth->logout());
            }
        }
    }
What I would like is to be able to manually authorize the access to the current website by using the login/password submitted by the user to manually search in the users table, and if I find a match in one of the user accounts, grant the access, or otherwise deny access. To sum up, avoid all the automagic of Auth's component.
If the Auth component's login method fails, control is transferred back to the custom login action (e.g. UsersController::login()). I've used this to authenticate using either username or email address, but it could be easily adapted for this purpose. Same idea, different criteria. I offered what I think is a reasonably thorough response (with code) to a similar question. It may help you as well.
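An added example, not code from the question, the answer or CakePHP: a manual lookup that scopes the search by login and website_id together, so the row for another site is never the one whose password gets checked. `authenticate_for_site()`, the `$accounts` rows and the `pwd_hash` column are hypothetical, and storing passwords with `password_hash()` is an assumption.

```php
<?php
// Added example: authenticate against the account of the current website only.
// authenticate_for_site() and the row layout are hypothetical.

function authenticate_for_site(array $accounts, $login, $password, $websiteId)
{
    static $dummyHash = null;
    if ($dummyHash === null) {
        // Verified when no row matches, so a miss still costs one hash check.
        $dummyHash = password_hash('placeholder', PASSWORD_DEFAULT);
    }

    $account = null;
    foreach ($accounts as $row) {
        // Match on login AND website_id; a row for another site is skipped
        // even when its login and password are identical.
        if ($row['login'] === $login
            && (int) $row['website_id'] === (int) $websiteId) {
            $account = $row;
            break;
        }
    }

    $hash  = ($account !== null) ? $account['pwd_hash'] : $dummyHash;
    $valid = password_verify($password, $hash);

    return ($account !== null && $valid) ? $account : null;
}

// Constructed sample rows mirroring the three accounts in the question.
$hash = password_hash('constructed-sample-pw', PASSWORD_DEFAULT);
$accounts = array(
    array('id' => 1, 'login' => 'charly', 'pwd_hash' => $hash, 'website_id' => 1),
    array('id' => 2, 'login' => 'charly', 'pwd_hash' => $hash, 'website_id' => 2),
    array('id' => 3, 'login' => 'charly', 'pwd_hash' => $hash, 'website_id' => 3),
);

foreach (array(2, 4) as $siteId) {
    $row = authenticate_for_site($accounts, 'charly', 'constructed-sample-pw', $siteId);
    printf("website_id=%d => %s\n", $siteId, $row ? 'account id ' . $row['id'] : 'denied');
}
$row = authenticate_for_site($accounts, 'charly', 'wrong-password', 3);
printf("wrong password, website_id=3 => %s\n", $row ? 'granted' : 'denied');
```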
I have an ACL-based CakePHP app and users belong to groups.
Please advise me where I should implement the redirection code by user's group:
users belonging to the admin group redirect to admin/dashboard
users belonging to the manager group redirect to manager/dashboard
users belonging to the user group redirect to user/dashboard
Set $this->Auth->autoRedirect = false; in beforeRedirect() in the users controller.
In the login() function:
    if ($this->Auth->user()){
        $this->redirect(array('prefix'=>$this->Auth->user('group'),'controller'=>'dashboard','action'=>'index'));
    }
This code is just an example to show how it is done, not to be taken as-is.