Akelos Framework v1 forum archive. This forum is no longer maintained. To report bugs please visit https://github.com/akelos/akelos/issues

Akelos Programming: Disallow access to functions

Bottom of Page

1 to 4 of 4

  1.  
    • CommentAuthorspykid
     
    hi, I am new to akelos but liked it very much and created my app using this awesome tool, but now I stuck somewhere, Actually i created most of my app using scaffold and now when I am going to release my app I want to restrict access to functions like add, delete, list etc to users but also want to keep those actions for the use of administrator so my question is, How can I do the above said??

    Sorry for my english and being so descriptive

    Many Thanks
    Rakesh
    • CommentAuthorKaste
     

    You do all this stuff with beforeFilters. F.i.

    //__construct()
    $this->beforeFilter(array('forbiddenAction'=>array('except'=>array('index','show'))));

function forbiddenAction()
{
    //redirect or die
}

    Now all actions except index and show are forbidden.

    You need some conditionals though (for your admin-user)

    $this->beforeFilter('protectMyActions');

function protectMyActions()
{
     $current_action = $this->getActionName();
     // now it depends on your models
     if (user!=admin && in_array($current_action... //etc.
           $this->forbiddenAction();
}

    etc.

    • CommentAuthorinsanet
     
    you need something called filters, it is explained in the wiki. http://wiki.akelos.org/filters-and-verification

    so basically there are methods like beforefilter,afterfilter that you can set to be called before or after actions.


    ----------------------------------------------

    by the way Kaste, it seems skipbeforeFilter doesn't accept 'only', and 'except' params. this is a bug or not implemented?
    and how i can access the action name from the controller construct, $this->getActionName doesnt work.
    • CommentAuthorKaste
     

    In the constructor we don't know the (current) request the controller might (later) handle, so we don't know the action_name.

    skipFilter actually removes the filter from the chain. So it could be called remove*Filter. You're free to implement a 'rewrite*Filter' of course. ;-)

1 to 4 of 4

  1.  
Back to Discussions Top of Page