Redirect to dashboard by user's group - cakephp

I have an ACL-based CakePHP app and users belong to groups.
Please advise me where I should implement the redirection code by user's group:
users who belong to the admin group are redirected to admin/dashboard
users who belong to the manager group are redirected to manager/dashboard
users who belong to the user group are redirected to user/dashboard

Set $this->Auth->autoRedirect = false; in beforeRedirect() in the users controller.
In the login() function:
if ($this->Auth->user()) {
    // Build the route from the logged-in user's group, e.g. admin/dashboard
    $this->redirect(array('prefix' => $this->Auth->user('group'), 'controller' => 'dashboard', 'action' => 'index'));
}
This code is just an example to show how it is done, not to be taken as-is.

Related

enable and disable users firebase auth reactjs error

I have 2 separate platforms and I use the same Firebase config for both of them.
The first one is for the normal users; they can register, log in and see the courses.
The second one is for the admins (PS: the admin is like a normal user, but I have a special collection called admins for the admin and another one called users for the normal users).
To check if the person who logged in is an admin, I check if his email exists in the admins collection.
So in the admin platform I should display a list of users.
I want to enable and disable a specific user (I can get his document ID and UID).
When I use:
try {
    await getAuth().updateUser(uid, { disabled: true })
    getUsers()
} catch (error) {
    console.log(`is error of ${uid} with ${error.message}`)
}
I got this error:
firebase_auth__WEBPACK_IMPORTED_MODULE_1__.getAuth)(...).updateUser is not a function

How to know Order is placed from authenticated customer or guest In salesforce commerce cloud?

Hello, I am new to Salesforce Commerce Cloud and I am working on the controller version of SFCC, that is, the SGJC version. I wanted to know if there is any method, or how we will know, whether the customer who placed the order placed it as a guest or as an authenticated customer. I want to write if/else redirection logic: if the order was placed by a guest, redirect to A.isml, else redirect to B.isml. Any method from the OrderMgr class will be helpful.
You can try to use:
var order = OrderMgr.getOrder(orderNo);
var registered = order.getCustomer().isRegistered();
From the docs
There is also a difference between a registered and an authenticated customer. An authenticated customer is a registered customer that is also logged in, with an active authenticated session.
To check if the customer is authenticated you can use the isAuthenticated() method instead of isRegistered().
You can try code like the following:
var order = OrderMgr.getOrder(orderNo);
if (!empty(order) && empty(order.getCustomerNo())) {
    // Redirect to A.isml
}
if (!empty(order) && !empty(order.getCustomerNo())) {
    // Redirect to B.isml
}
Ref docs.

Symfony Fos user Bundle

I am quite new to the Symfony 2 framework and I have been trying to find an inbuilt function or a FOS container service that contains information about the groups or role of the currently logged-in user. I have used the groups of FOS user bundle; each user is assigned to only one group and the role is defined on the group.
Thanks in advance.
In the Symfony session object you will have the currently logged-in user, and because the group is mapped to the user entity you can just access the group with a getter. Here is a Twig example:
{{ app.security.getToken().getUser().getGroup() }}
To get the group roles you just call the getter getRoles(); it returns the user's roles and his group's roles in the same array.

Which is the best way to restrict access to certain pages in my website to certain users other than admin using cakephp

I have a website where all the pages are accessible to the public except for one Releases page, which is user specific or maybe specific to a group. I have a separate login page to gain access to the 'Releases' page based on authentication. How do I go about this? Using Acl or the Authorize function? I am very confused. Also, do I need to use the same users table for authenticating this page, and in that case do I use this User login page as an element in my other login page? Could somebody please hint me on how to proceed?
ACL is overkill for many situations.
What I normally do is something like this in my controller:
public function releases() {
    $this->_allowedGroups(array(1, 2, 3));
    // rest of code here
}
Then in my app controller:
public function _allowedGroups($groups = array()) {
    if (!in_array($this->Auth->user('group_id'), $groups)) {
        $this->redirect(array('controller' => 'users', 'action' => 'login'));
    }
}
Acl should do your work.
And is there any specific need for you to use a separate login page?
A single login page and a single users table should suffice for your needs if you implement ACL. Only those users who have rights to view the Requests page will be allowed to do so.
You may do something like this.
In core.php, put
Configure::write('Routing.prefixes', array('release'));
and do the verification in the AppController:
class AppController extends Controller {
    public function beforeFilter() {
        if (isset($this->params['prefix']) and $this->params['prefix'] == 'release') {
            if ($this->Session->read("User.type") != 'admin') {
                // redirect the user or throw an error...
            }
        }
    }
}
So youdomain.com/release/* will only be accessible by your administrators.
Also, I don't see why you need two login pages. You could just put a flag on your users table saying whether the user is an admin or not, and on login set the User.type property in the session.
If you don't need complex permission control, I think you don't need to use ACL.

cakephp authenticate user with repeated entries in the Database table (manual authentication?)

I'm creating an authentication system for a group of websites. The problem is that I have to use a pre-existing Database, which has a users table already full of entries, and that one user can have several accounts. Basically, a user has one account per website he has access to (it's not the best way to do this, but I can't change it). Each account is represented by an entry in the users table, with login, password, name... and the important field: website_id. This field tells the system what website that account has access to.
The big problem is that some users with more than one account have the exact same login/password information for all of them. For example, one user has 3 accounts:
account1: login = charly / pwd = 1234 / name = Charles ... website_id = 1
account2: login = charly / pwd = 1234 / name = Charles ... website_id = 2
account3: login = charly / pwd = 1234 / name = Charles ... website_id = 3
So if he goes to the website that has id = 2 and uses those credentials, he's granted access. If he goes to the website that has id = 4, he's denied access.
My problem is that since CakePHP does the login automatically, when a user tries to log in, CakePHP checks only the first entry in the Database that matches the login/password submitted in the form. So if a user is currently in the website with website_id = 3 and tries to log in, Cake finds the first entry (account1), compares its website_id (1 in this case) to the current website's id (3), and since they're different, the access is not granted, but it should be. _Please note that the comparison of the website_id vs the account's website_id is already being made manually in the login() function_.
This is what the login() function looks like now:
function login() {
    $userInfo = $this->Auth->user();
    if (isset($userInfo)) {
        if ($userInfo['User']['website_id'] == $this->website_id) {
            // User gets access to a website that he has an account for
        } else {
            // User is denied access because his account is not registered for the current website
            $this->Session->destroy();
            $this->Session->setFlash(__('You don\'t have access to this website', true));
            $this->redirect($this->Auth->logout());
        }
    }
}
What I would like is to be able to manually authorize the access to the current website by using the login/password submitted by the user to manually search in the users table, and if I find a match in one of the user accounts, grant the access, or otherwise deny access. To sum up, avoid all the automagic of Auth's component.
If the Auth component's login method fails, control is transferred back to the custom login action (e.g. UsersController::login()). I've used this to authenticate using either username or email address, but it could be easily adapted for this purpose. Same idea, different criteria. I offered what I think is a reasonably thorough response (with code) to a similar question. It may help you as well.
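
The first-match problem from the question, beside a lookup that treats website_id as part of the credential check, as an added plain-PHP example (not code from the original posts or from CakePHP). The rows, the function names and the password_hash() storage are constructed assumptions; the page does not say how the legacy table stores passwords.

```php
<?php
// Constructed sample rows standing in for the legacy users table (assumption).
function sampleUsers(): array {
    $hash = password_hash('1234', PASSWORD_DEFAULT);
    return [
        ['id' => 1, 'login' => 'charly', 'password' => $hash, 'website_id' => 1],
        ['id' => 2, 'login' => 'charly', 'password' => $hash, 'website_id' => 2],
        ['id' => 3, 'login' => 'charly', 'password' => $hash, 'website_id' => 3],
    ];
}

// Behaviour described in the question: the first row matching login/password
// is taken, and only afterwards is its website_id compared to the current site.
function firstMatchLogin(array $users, string $login, string $password, int $siteId): ?array {
    foreach ($users as $row) {
        if ($row['login'] === $login && password_verify($password, $row['password'])) {
            return $row['website_id'] === $siteId ? $row : null; // account1 always wins
        }
    }
    return null;
}

// Scoped lookup: website_id is a search condition, so only an account
// registered for the current site can ever satisfy the login.
function scopedLogin(array $users, string $login, string $password, int $siteId): ?array {
    foreach ($users as $row) {
        if ($row['website_id'] !== $siteId || $row['login'] !== $login) {
            continue;
        }
        if (password_verify($password, $row['password'])) {
            return $row;
        }
    }
    return null; // no account for this site, or wrong password
}

$users = sampleUsers();
foreach ([3, 4] as $siteId) { // site 3 has an account, site 4 does not
    $first  = firstMatchLogin($users, 'charly', '1234', $siteId);
    $scoped = scopedLogin($users, 'charly', '1234', $siteId);
    printf("site %d: first-match=%s scoped=%s\n", $siteId,
        $first ? 'granted' : 'denied', $scoped ? 'granted' : 'denied');
}
```

Inside CakePHP 1.x (assumed here from the `__('...', true)` call in the question), AuthComponent's userScope property adds a condition of this kind to the component's own user lookup.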
