I want to make client login and registration; and Admin login in laravel 5. In my database I gave a column named "roles" with enum 'admin'and 'client'.
Now what should I make in Routes.php and other files if necessary to redirect client to client page and admin to admin area after login successful.
Thankyou.
No need to reinvent the wheel, try bican/roles. I've been using it for a few weeks and its great!
I would look at something like Sentry.
Available here:
https://cartalyst.com/manual/sentry/2.1
The syntax is clean, and aligns well to laravel
Sentry::createGroup(array(
'name' => 'Subscribers',
'permissions' => array(
'admin' => 1,
'users' => 1,
),
));
Related
Can you help me please how to auto login into CakePHP 4.2 app?
My approach was like:
$authUser = $this->Users->get('2')->toArray();
$this->Auth->setUser($authUser);
$this->redirect(['controller' => 'Pages', 'action' => 'display']);
exit;
... but error is:
Call to a member function setUser() on null
Just to mention, that there is user with id 2 in table Users.
Can you help me with this please? Thank you in advance!
Hey In authentication of cakephp3.0 I am facing some problem Hey how can i create an authentication based on patient table and patient controller like url/patient/login I have controller and model and form ready but when I go to login page it always search for query from usertable by default when I am trying to add this code in Patientcontroller :
$this->Auth->config('authenticate', [
AuthComponent::ALL => ['userModel' => 'Members'],
'Basic',
'Form']);
I am getting this error :
Error: Class 'App\Controller\AuthComponent' not found
File D:\xampp\htdocs\hwapp\src\Controller\PatientController.php
Line: 34``
Please read this section of the documentation: http://book.cakephp.org/3.0/en/controllers/components/authentication.html#configuring-authentication-handlers
It explains how to use other table for handling login and how to tell the AuthComponent to use anther controller and action to handle the logic.
Is there a way I can access my project under Sandbox? I'm able to use the lookup method, find in order to fetch all the features from a project under the Yahoo! subscription, but how would I be able to do this for projects under Sandbox?
In your PHP code have you used Rally sandbox server URL?
https://sandbox.rallydev.com/
Here is a WebServices URL specific to Sandbox:
https://sandbox.rallydev.com/slm/doc/webservice/
I was able to figure it out. In the query to find specific features, I had to include the query parameter "workspace" to the sandbox reference which is (for 1.43) : "https://rally1.rallydev.com/slm/webservice/1.43/workspace/7189290105.js". I included the reference of the project as well which directly fetched all the features for my project. In addition, if you seek to only fetch features from your specific project and not from the ones on top of it, you have to include the "pageScopeUp" field into the query. You have to set this field to false:
$queryParams = array(
'query' => "",
'fetch' => 'true',
'pagesize' => 100,
'start' => 1,
'workspace' => "https://rally1.rallydev.com/slm/webservice/1.43/workspace/7189290105.js",
'project' => "whatever the project reference is",
'projectScopeUp' => false
);
$results = Connection::rally()->findWithQueryParameters('feature',
$queryParams);
I don't use RBAC to validate users. I wouldn't mind using it if it's possible, but I don't think it is. Reason being, I use a REST API to validate users. I have this in my authenticate() function:
$API = new API();
$user = $API->getAccountDetailsByEmail($this->username);
if($user->password !== md5($this->password) ) {
// Validated
}
I want the user to also be assigned a role at this step. Which is why I tried the following below the above:
$this->setState('roles', 'admin');
But this doesn't work at all. I still get:
Error 403: You are not authorized to perform this action.
When I go to the page I am trying to make admin accessible. How do I programmatically set a user as an admin?
Am I missing something, or is there an easy way to assign a role to a user that was authenticated?
The CAccessControlFilter relies on the CWebUser::checkAccess() function. This function is called with the name of the role as a parameter. If you do not want RBAC then the easiest you could do is write your own CWebUser derived class and implement your own checkAccess.
You can activate this class in your config file by adding the "user" component:
'components'=> array
(
'user' => array
(
'class' => 'MyWebUser',
),
),
You could for example set a list of roles in the users' session and have the function check if the user has that role. Although I would advise against using the session to store roles (the database is beter) using setState is definitely a bad idea. IIRC this sets a cookie on the user side and a bit of an inventive user could figure out how to abuse this.
If your action rules are
array('allow',
'actions'=>array(
'myAction',
),
'users'=>array('#'),
'roles'=>array('admin'),
),
Then change them to:
array('allow',
'actions'=>array(
'myAction',
),
'users'=>array('#'),
'expression'=>'$user->getState("roles")=="admin"',
),
The roles parameter for action rules is for use ONLY with RBAC. So you need to do your validation differently if you aren't using RBAC.
If that isn't your issue, then please provide more details about what you are trying and what your access rules look like.
I need some help with CheckAccess function.
I'm reading book Agile Web Application Development with Yii1.1 and PHP5, and came to page 212. On this page I've to added a "Create user" menu item.
I login with the user that is associated with the project (in Db table project_user_role) like a member, and members has operateion called 'createUser'.
The problem is that I can't see the menu item which should be generated by the following code:
if (Yii::app()->user->checkAccess('createUser', array('project' => $model))) {
$this->menu[] = array('label' => 'Add User To Project', 'url' => array('adduser', 'id' => $model->id));
}
Thanks
Also with AuthAssignment there are two more tables and even having them is not full deal. You got to have set RBAC :).
Please SeeRole-Based Access Control