| Protect whole controller with one route? |
Hi,
I started to use CodeIgniter Shield and I'm wondering if its possible to protec the whole controller with a single route. for example, the user-controller should only be accessed by admin users, independent which action should be performed (for example user/create, user/delete, user/assignCategeory and so on): $routes->add('user/create/*', '', ['filter' => 'group:admin']); $routes->add('user/delete/*', '', ['filter' => 'group:admin']); $routes->add('user/assignCategeory/*', '', ['filter' => 'group:admin']); I would like to simplify that to something like: $routes->add('user/*', '', ['filter' => 'group:admin']); but this doesn't work. I also see the risk to add a new method to the controller, and forget to protecting it by adding the new route for it. Guess I have the wrong approach here, maybe somebody can give me a hint... Thx a lot! ben
1. Use grouping. See https://codeigniter4.github.io/CodeIgnit...ing-routes
2. Use $filters config. See https://codeigniter4.github.io/CodeIgnit...ml#filters
(03-23-2023, 04:07 PM)kenjis Wrote: 1. Use grouping. See https://codeigniter4.github.io/CodeIgnit...ing-routes Thanks for your suggestions! Do you know if it's possible to filter arguments in filters, or is this only possbile with routes? Besides that, It would also be an option to put this "generic auth check" into the constructor of the corresponding controller.
The filter arguments in filters will be added in v4.4.0.
See https://github.com/codeigniter4/CodeIgni...-arguments |
| Welcome Guest, Not a member yet? Register Sign In |
