开发者

CakePHP: False positive authError with ACL

I have set up a working ACL system with CakePHP inside my company's existing site. Access restriction works perfect, groups and single users that don't have the right to visit a specific portion of the site get an authError message explaining that they don't have the proper rights.

The only problem is that in Firefox I sometimes get -what I'd like to call- false positives. This means that, even though a user has access to a certain controller and action, the authError still pops up. The strange thing is, the view still renders properly, and except for the authError there is nothing wrong. Everything works, users can see what they need to see. Only sometimes the authError is still displayed.

Now this randomly occurs sometimes in Firefox, but in IE8 this happens all the time. Even though a user has full access to the whole site, the authError message is still displayed on every single page in IE8. I开发者_JS百科 haven't checked if this problem persists in other IE browsers, but since it happens in both IE8 and FF, my thoughts were that they probably exist in others too.

Now I can't get my head around why this is happening, since there is no real pattern here. In FF the authError randomly gives a false positive, and in IE8 it is just displayed all the time.

One could argue that for some reason the users rights are checked after the authError message has been given a 'go' to appear. Resulting in proper access even though the error message has already been displayed. I already checked whether or not the loading time of the page had anything to do with it, but this does not seem to be the case.

Are there users around that have any idea what could be the cause of this problem? Thanks in advance!


I am not entirely sure why that happens and I dont know if you were able to figure out your issue. However, I am also running ACL and had a similar issue and figure I would post it here and hopefully help someone.

I had an Articles controller that I needed the index and view actions to be public. No matter what I did, nothing worked. I would still get the same not authorized error. After many sleepless nights of trying and trying, I came to find out that, although I am requesting the view action for example, any other actions that are referenced in the view action, like getRelated or getComments would have to be added as well.

The issue was fixed, or so I thought. However, intermittently, the error would pop up again and again. Same issue, same error. Now, I was able to access the View action but not the Index, although everything seemed good with the $this->Auth->allow

After many more head scratching, I came to find out that I had to do the same with my Categories Controller. In this controller I had created a getRelated action that would retrieve all Articles related to a specific article based on its category.

As soon as I did that, now all my problems went away and I have not experience a similar issue. Now I can actually concentrate into other sections of my project.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜