1 to 9 of 9
I've finally got the Admin plugin installed and working!
I can log into /admin/ just fine. I can view the /admin/permissions/manage/ without a problem, but the only permissions that are listed have to do with the admin plugin. My question is this: How do I add OTHER controllers (and their actions) to this list? I'm not quite advanced enough to understand the example.
Could someone help me with a simple example?
Thanks!
P.S. Bermi, what Vanilla extensions are you using to get the 'Markdown', and 'Preview Post'? :-)
On admin_controller.php you can decide what to protect.
By default we have
var $protect_all_actions = true;
which means that all the actions under the admin controller/module will be added to the permission table once they're first acceded by a super-user.
If you want fine-grain access control the best way is to use the User::can() method. That will also add the permission the first time it's accessed.
So it's as simple as using
if(User::can('Moderate comments', 'Forum')){
//
}
to get a new Forum permission group with the moderation task.
All the authentication for the admin module is located on the file
/app/controllers/admin_controller.php
In order to use that logic, you can either move some functionality from the admin controller to the shared controller, or you can add a beforeFilter on OderController::\__construct to trigger something like AdminController::_protectAllActions
Ok, I'm getting some success, but haven't figured out how to get away from the action=>protected_action errors.
Here is what I did.
1) Copied functions authenticate(), access_denied(), _protectAction(), and _protectAllActions() to the application_controller.php
2) Block commented out those functions inside admin_controller.php (so we don't have duplicate code).
3) Inside order_controller.php I added the following lines:
var $protected_actions = 'list_warehouses'; // only protecting one action for testing purposes.
function __construct()
{
$this->beforeFilter('authenticate');
!empty($this->protected_actions) ? $this->beforeFilter('_protectAction') : null;
!empty($this->protect_all_actions) ? $this->beforeFilter(array('_protectAllActions' => array('except'=>'action_privileges_error'))) : null;
}
/order/listing/ works as normal (not protected, no authentication going on) /order/list_warehouses/ 1st prompts me for a password (just like /admin/), but once I am logged in, it tries to go to /order/protected_action (Obviously this action does not exist). This is due to this line in _protectAction():
$this->redirectTo(array('action'=>'protected_action'));
If I replace 'protected_action' with $action_name, I get "This webpage has a redirect loop". (I understand why it's a loop.) If I the redirectTo with
$this->renderAction($action_name);
Then I get a load of other errors (because the actual action is not being used, just the tpl file).
I'll look into this after lunch a bit more. :-)
redirecting to
$this->redirectTo(array('action'=>'protected_action'));
should happen when you don't have the right permissions on the permission table. Did you check that table? Are accessing as admin?
I'm accessing as an account with an admin role, yes. Interesting. When I go to /admin/permissions/manage/, I do not see any lines for Admin::Order.
But the Extensions table has and 'Admin::Order' with an ID of 10. Yet the Permissions table has NO fields with an extension_id of 10. That would explain why nothing is showing up in /admin/permissions/manage.
It seems the auto-adding of accessed actions is not working quite right. But it DID add the 'extension' (controller name), just not the permission (action). I'll keep digging.
Ahh, I have discovered the problem. I was not browsing with ROOT privileges. Just ADMIN privileges.
1 to 9 of 9