Extending My_Controller with an Auth layer. |
[eluser]gh0st[/eluser]
I think it does. I will have to play with it to see if I can get it to work. I think having it as a library as you indicate would help things.
[eluser]gh0st[/eluser]
Would it be possible to get a download of the setup so I can figure out what I'm doing wrong? Thanks.
[eluser]NachoF[/eluser]
[quote author="Phil Sturgeon" date="1265054167"]I try to avoid doing this as it is not all that flexible (for me at least). I create a Public_Controller and a Admin_Controller then you can just do something like: Code: class Admin_Controller extends MY_Controller Could you please explain this?? whats in My_Controller? also, about Admin_Controller...are your restricted controllers supposed to inherit from Admin_Controller or from My_Controller?.... Say I have a Products Controller.... I want my admins to be able to "Create" products but I want my regular users to be able to access the "List" of controllers.... How would I go about doing that??.... I havent started my application yet, I have just downloaded CI and installed Datamapper ORM, thats it... but I want to start with a correct auth layer beforehand.
[eluser]gh0st[/eluser]
The MY_Controller is an extension of the core. You can put repetitive stuff in there, and extend MY_Controller to do what you require. The Admin_Controller is a controller which can be used for the admin sections; or things that require authorization. If you want a products controller and admins to create stuff and then let users access a list; I would put the listing in MY_Controller and admin stuff in Admin_Controller. The auth layer bit could be in MY_Controller, or if you only want it for Admin, put it in Admin_Controller. Unfortuently there is a lot of code that is wrapped inside of Tank Auth and figuring out what should and should not be in the Admin_Controller can be time consuming. I am hoping @Devon Lambert puts up some code to explain the seperation (or not) of the Tank auth layer with a modular setup. I've got it set up so that my Admin_Controller extends yet another Controller called "Auth_Controller" where I put the tank auth layer itself where it does a very basic check to make sure you are logged in.
[eluser]Devon Lambert[/eluser]
Here ya go gh0st. Try the attached files. I had to remove some of the application specifics, but hopefully you get the gist of how it all works together.
[eluser]NachoF[/eluser]
[quote author="gh0st" date="1266364850"]The MY_Controller is an extension of the core. You can put repetitive stuff in there, and extend MY_Controller to do what you require. The Admin_Controller is a controller which can be used for the admin sections; or things that require authorization. If you want a products controller and admins to create stuff and then let users access a list; I would put the listing in MY_Controller and admin stuff in Admin_Controller. The auth layer bit could be in MY_Controller, or if you only want it for Admin, put it in Admin_Controller. Unfortuently there is a lot of code that is wrapped inside of Tank Auth and figuring out what should and should not be in the Admin_Controller can be time consuming. I am hoping @Devon Lambert puts up some code to explain the seperation (or not) of the Tank auth layer with a modular setup. I've got it set up so that my Admin_Controller extends yet another Controller called "Auth_Controller" where I put the tank auth layer itself where it does a very basic check to make sure you are logged in.[/quote] Jesus, this just gets more and more complicated.... let me show you what Im used to so you can tell what I want. This is an example of a class in asp.net mvc that enfornces authorization Code: public class HomeController : Controller So as you can see I want a simple one line of code to limit admins only for specific methods throughout ALL of my controllers in all of my app... is there a way? or somethng close?
[eluser]Devon Lambert[/eluser]
[quote author="NachoF" date="1266395557"] Jesus, this just gets more and more complicated.... let me show you what Im used to so you can tell what I want. ... So as you can see I want a simple one line of code to limit admins only for specific methods throughout ALL of my controllers in all of my app... is there a way? or somethng close?[/quote] Hello Nacho, If you take a look at the code I've provided you will find an extended_library which adds a method allowing you to determine if a user is an admin or not. I've added Role_ID in to Tank Auth and thus I am able to pull a user's Role ID From the session like so: Call this whenever you would like to confirm that a user is an admin. Code: $this->my_extended_auth->is_admin(); Hope it helps.
[eluser]NachoF[/eluser]
[quote author="Devon Lambert" date="1266396406"][quote author="NachoF" date="1266395557"] Jesus, this just gets more and more complicated.... let me show you what Im used to so you can tell what I want. ... So as you can see I want a simple one line of code to limit admins only for specific methods throughout ALL of my controllers in all of my app... is there a way? or somethng close?[/quote] Hello Nacho, If you take a look at the code I've provided you will find an extended_library which adds a method allowing you to determine if a user is an admin or not. I've added Role_ID in to Tank Auth and thus I am able to pull a user's Role ID From the session like so: Call this whenever you would like to confirm that a user is an admin. Code: $this->my_extended_auth->is_admin(); Hope it helps.[/quote] Sorry to bother but.. does that method return a boolean? so that means I would have to do something like Code: function create_product()
[eluser]Devon Lambert[/eluser]
[quote author="NachoF" date="1266397239"][quote author="Devon Lambert" date="1266396406"][quote author="NachoF" date="1266395557"] Jesus, this just gets more and more complicated.... let me show you what Im used to so you can tell what I want. ... So as you can see I want a simple one line of code to limit admins only for specific methods throughout ALL of my controllers in all of my app... is there a way? or somethng close?[/quote] Hello Nacho, If you take a look at the code I've provided you will find an extended_library which adds a method allowing you to determine if a user is an admin or not. I've added Role_ID in to Tank Auth and thus I am able to pull a user's Role ID From the session like so: Call this whenever you would like to confirm that a user is an admin. Code: $this->my_extended_auth->is_admin(); Hope it helps.[/quote] Sorry to bother but.. does that method return a boolean? so that means I would have to do something like Code: function create_product() correct! :-)
[eluser]gh0st[/eluser]
[quote author="Devon Lambert" date="1266379367"]Here ya go gh0st. Try the attached files. I had to remove some of the application specifics, but hopefully you get the gist of how it all works together.[/quote] Thanks. I will take a look at it and see how it reflects or differs from what I did. I have been able to get Tank Auth sort of working. There are still a lot of things I need to test, like registration, activation; this is more to do with the functionality of Tank Auth. The way I did it was to put the Tank Auth as yet another controller "Auth_Controller" inside Libraries and then made my Admin_Controller extend Auth_Controller. I'm not sure if you did this, but I will look at the code and see what I can learn from it. |
Welcome Guest, Not a member yet? Register Sign In |