Good afternoon,
Has anyone already needed to manage user restrictions through the database in an editable way and can help?
At first I followed the initial tutorial, creating the user and role tables, but the client asked to be able to edit the access permissions of each role, for example:
Roles | Permissions
ADMIN -> all
EDITOR -> controller => POST, action ADD
EDITOR -> controller => POST, action EDIT
CLIENT -> Deny
So I created the tables Permissions and roles_permissions and tried to allow or deny access in isAuthorized, but without success. If you know a plugin to use or have a better idea, thank you in advance.

    public function isAuthorized($user)
    {
        $this->rolePermissionsTable = TableRegistry::get('RolePermissions');
        $rolePermissions = $this->rolePermissionsTable->find()->where(['role_id' => $user['role_id'] ])->all();
        //var_dump($rolePermissions); die;
        $this->rolePermissionsTable = TableRegistry::get('RolePermissions');
        $this->permissionsTable = TableRegistry::get("permissions");
        // Admin can access all actions
        foreach ($rolePermissions as $authorized) {
            $permissions = $this->permissionsTable->find()->where(['id', $authorized['permission_id'] ] )->all();
            if ($user['role_id'] == $authorized['role_id']) {
                $this->addPermission($permissions);
                $this->Auth->allow('*');
                return true;
            }
            if ($user['role_id'] != $authorized['role_id']) {
                return false;
            }
        }
        // Deny access by default
        return false;
    }

    public function addPermission($permissions)
    {
        foreach ($permissions as $permission) {
            $this->Auth->allow(['controller' => $permission['controller'], 'action' => $permission['action'] ]);
        }
    }

    public function removePermission($permissions)
    {
        foreach ($permissions as $permission) {
            $this->Auth->deny(['controller' => $permission['controller'], 'action' => $permission['action'] ]);
        }
    }

It turned out great. I followed this same concept with a slightly different mapping and built the menus dynamically from the permissions of the role the user belongs to.
– Wander Arce
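
The role and permission mapping from the question, as an added example that is not code from the original post or from CakePHP: a deny-by-default check that grants a request only when a row for the user's role matches the requested controller and action. The helper name `isAllowed`, the role names as strings, the `Posts` controller and the `*` wildcard rows are assumptions, and the rows are constructed in place of a database query.

```php
<?php
declare(strict_types=1);

// Constructed sample rows, shaped like a join of roles_permissions and
// permissions (role names and the 'Posts' controller are assumptions).
const ROLE_PERMISSIONS = [
    ['role' => 'ADMIN',  'controller' => '*',     'action' => '*'],
    ['role' => 'EDITOR', 'controller' => 'Posts', 'action' => 'add'],
    ['role' => 'EDITOR', 'controller' => 'Posts', 'action' => 'edit'],
    // CLIENT has no rows, so every request from that role is denied.
];

/**
 * Hypothetical helper: decide one request against the permission rows.
 * Deny by default; a row grants access only when role, controller and
 * action all match the request ('*' in a row matches any value).
 */
function isAllowed(array $rows, ?string $role, string $controller, string $action): bool
{
    if ($role === null || $role === '') {
        return false; // no role on the session user: deny
    }
    foreach ($rows as $row) {
        if ($row['role'] !== $role) {
            continue; // another role's row: skip it, do not decide yet
        }
        $controllerOk = $row['controller'] === '*'
            || strcasecmp($row['controller'], $controller) === 0;
        $actionOk = $row['action'] === '*'
            || strcasecmp($row['action'], $action) === 0;
        if ($controllerOk && $actionOk) {
            return true; // explicit grant for this exact request
        }
    }
    return false; // nothing matched
}

// Constructed requests: [role, controller, action]
$requests = [
    ['ADMIN', 'Users', 'delete'],
    ['EDITOR', 'Posts', 'edit'],
    ['EDITOR', 'Posts', 'delete'],
    ['CLIENT', 'Posts', 'index'],
];
foreach ($requests as [$role, $controller, $action]) {
    $verdict = isAllowed(ROLE_PERMISSIONS, $role, $controller, $action) ? 'allow' : 'deny';
    echo "$role $controller/$action => $verdict\n";
}
```

Inside `isAuthorized($user)` the controller and action would come from the current request and the rows from a query filtered by `$user['role_id']`, so the return value reflects the specific request rather than the mere existence of a row for the role.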