We Keep Coding

CakePHP 2.x ACL Issues getting it working

I have been trying to get the CakePHP ACL's working with my new application, it is causing me a world of pain. For some reason the ACL doesnt seem to be working however the tutorials are rubbish and don't explain each component very well. e.g. how a ACO links to a controller / function / views
I have got the ACL working correctly up until getting the pages to know if the user is allowed to view it, also same issue with menu items that they can / cant see.
I have noticed that if i add this code to my page the array shows the group as blank:
$user = $this->Auth->user();
pr($user);
The array returned:
Array
(
[id] => 80
[first_name] => Bob
[last_name] => Test
[email] => email#emial.com
[username] => TestAdmin
[tokenhash] => cleared
[is_active] => 1
[created] => 2014-10-03 16:32:45
[modified] => 2014-10-03 16:32:45
[token_expires_at] =>
[group_id] => 3
[Group] => Array
(
[id] =>
[name] =>
[enabled] =>
[created] =>
[modified] =>
)
)
The site is basically a portal, visitors should only have access to login / register. and the users groups all have access to the dashboard however it ends up in a continuous loop unless i allow everyone access to the dashboard (due to the group not being recognised i guess)
any help would be appreciated, I realise that you may need me to post the code im using so please let me know what you would require.
Thanks in advance
EDIT:
I have updated my AppController as below and it has started showing the group in the array as it should!!! weird thanks for the push in the right direction.
AppController.php
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public function beforeRender() {
if((($this->params['controller']==='Users') || ($this->params['controller']==='users'))&&(($this->params['action']=='login') || ($this->params['action']=='register') || ($this->params['action']=='success') || ($this->params['action']=='forgot_password') || ($this->params['action']=='reset_password')) ){
$this->theme = 'DataHouseLogin';
}else{
$this->theme = 'DataHouse';
}
parent::beforeRender();
}
public $components = array(
'Acl',
'RequestHandler',
'DebugKit.Toolbar' => array('panels' => array('history' => false)),
'Session',
'Auth' => array(
'authorize' => array(
'Actions' => array(
'actionPath' => 'controllers'
)
),
'loginAction' => array(
'controller' => 'Users',
'action' => 'login'
),
'loginRedirect' => array(
'controller' => 'Dashboard',
'action' => 'index'
),
'logoutRedirect' => array(
'controller' => 'Users',
'action' => 'login'
),
'authError' => 'Did you really think you are allowed to see that?',
'authenticate' => array(
'Form' => array(
'passwordHasher' => 'Blowfish'
)
)
)
);
public function beforeFilter() {
//$this->Auth->allowedActions = array('display','index','register');
$this->set('user', $this->Auth->user());
$this->set('acl', $this->Acl);
$this->Auth->authorize = array(
'Controller',
'Actions' => array('actionPath' => 'controllers')
);
parent::beforeFilter();
}
public function isAuthorized($user) {
// Default deny
return false;
}
}

I think you should try to configure Auth component correctly. Try to put this code in your AppController:
class AppController extends Controller {
public $components = array('RequestHandler', 'Session',
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
),
);
public function beforeFilter() {
$this->Auth->authorize = array(
'Controller',
'Actions' => array('actionPath' => 'controllers')
);
$this->Auth->authenticate = array('Form' => array('fields' => array('username' => 'name', 'password' => 'password')));
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => false, 'plugin' => false);
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => false, 'plugin' => false);
}
public function isAuthorized($user) {
// Default deny
return false;
}
}
EDIT:
in UserModel and GroupModel add act as property:
public $actsAs = array('Acl' => array('type' => 'requester'));
in UserModel setup parentNode function:
public function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
if (isset($this->data['User']['group_id'])) {
$groupId = $this->data['User']['group_id'];
} else {
$groupId = $this->field('group_id');
}
if (!$groupId) {
return null;
} else {
return array('Group' => array('id' => $groupId));
}
}

CakePHP login always return false

I need a login/logout system in my project I've done an authorization class but It won't work for me because the login function always returns false
Here is my UserController.php
if ($this->request->is('post')) {
$this->Auth->fields = array("username"=>"username","password"=>"password");
debug($this->Auth->login(),false,true);
if ($this->Auth->login()) {
$this->Session->setFlash(__('You are now logged in.'));
}else{
$this->Session->setFlash(__('Invalid username or password, try again'));
}
Configure::write('debug', 2);
$log = $this->User->getDataSource()->getLog(false, false);
debug($log);
}
Also, my AppController.php have:
public $components = array(
'Session',
'Auth' => array(
'loginAction' => array(
'controller' => 'User',
'action' => 'login'
),
'loginRedirect' => array('controller' => 'User', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'User', 'action' => 'login'),
'authError' => "You can't acces that page",
'authorize' => array('Controller'),
));
public function isAuthorized(){
return TRUE;
}
public function beforeFilter() {
$this->Auth->authenticate = array('Form');
$this->Auth->allow('index', 'view');
}
And finally my model file is:
public $validate = array(
'email' => array(
'required' => array(
'rule' => array("notEmpty"),
'message' => 'A E-mail field is required'
)
),'password' => array(
'required' => array(
'rule' => array("notEmpty"),
'message' => "A Password field is required"
)
)
);

CakePHP $this->Auth->login() not returning anything

I have tried just about everything now and I'm still having problems with my Auth Setup. I using Employee as my model with the fields employee_id and password. Blowfish is my passwordhasher and Employees/index in my Controller/action.
I'am trying to echo $this->Auth->login() but its not responding.
Output from $this->request->data
Array ( [Employee] => Array ( [employee_id] => bob [password] => temp ) )
Employee Model
<?php
class Employee extends AppModel {
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
return true;
}
public $primaryKey = 'employee_id';
public $hasMany = array(
'CustomerInteraction' => array(
'foreignKey' => 'created_by'
),
'Appointment' => array(
'foreignKey' => 'assigned_to'
),
'Customer' => array(
'className' => 'Customer',
'foreignKey' => false
)
);
public $hasOne = array(
'SalesTarget' => array(
'foreignKey' => 'subject'
)
);
public $virtualFields = array(
'full_name' => 'CONCAT(Employee.first_name, " ", Employee.last_name)'
);
}
?>
AppController
public $components = array(
'Session',
'Auth' => array(
'flashElement' => 'login_error',
'authError' => 'You must be logged in to view this page.',
'loginError' => 'Invalid Username or Password entered, please try again.',
'loginAction' => array(
'controller' => 'Employees',
'action' => 'index',
),
'authenticate' => array(
'all' => array(
'userModel' => 'Employee',
'passwordHasher' => 'Blowfish'
),
'Form' => array(
'userModel' => 'Employee',
'passwordHasher' => 'Blowfish',
'fields' => array(
'username' => 'employee_id',
'password' => 'password',
)
)
)
),
);
public $uses = array(
'ProgramApplication',
'Employee'
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->fields = array(
'username' => 'employee_id',
'password' => 'password'
);
EmployeesController
<?php
class EmployeesController extends AppController {
public $uses = array(
'TimeEntry',
'Employee',
'CakeEmail',
'Network/Email' ,
'CraigslistTemplate',
'Inventory'
);
public $helpers = array(
'DateConversion'
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('index','checkUsername','passwordStatus','passwordCheck','convertPassword');
}
public function index() {
//Set layout to loginr
$this->layout = 'login';
//if already logged-in, redirect
if($this->Session->check('Auth.User')){
return $this->redirect(
array('controller' => 'Search', 'action' => 'index'));
}
echo "1";
if($this->request->is('post')) {
echo $this->Auth->login();
if($this->passwordCheck($this->request->data['Employee']['employee_id'],$this->request->data['Employee']['password'])) {
}else{
echo "Invalid username/password";
}
}
Index.ctp
<div class="Employees form">
<?php //echo $this->Session->flash('auth'); ?>
<?php echo $this->Form->create('Employee',array('controller' => 'Employees','type' => 'POST')); ?>
<fieldset>
<legend>
<?php echo __('Please enter your username and password'); ?>
</legend>
<?php echo $this->Form->input('employee_id',array('type' => 'Username'));
echo $this->Form->input('password');
?>
</fieldset>
<?php echo $this->Form->end(__('Login')); ?>
</div>

I made the same setup you have and got an error related to blowfish.
Removing blowfish works ('passwordHasher' => 'Blowfish'). I am able to login.
I also used a dummy edit function that updates an user:
public function edit() {
$data = array(
'employee_id' => '111',
'password' => 'test',
);
$res = $this->Employee->save($data);
}
After running this function, I was able to login with 111/test, without blowfish.
Is blowfish a requirement for the project? Can you use normal passwords?

Auth Component, Controller other than Users

I don't have a User table. I got a Customer table. It seems like Cakephp Auth doesn't recognise any other table beside User. Is there any way to walk around this error?
If I tried using $this->Auth->User('role') - it works perfectly fine. But all my auth credentials is under the Customer table. please help.
I got this error below
Fatal error: Call to undefined method AuthComponent::Customer() in
/Applications/MAMP/htdocs/development03/app/app_controller.php on line 56
The code:
function beforeFilter() {
$this->set('admin', $this->_isAdmin());
}
function _isAdmin() {
$admin = FALSE;
if ($this->Auth->Customer('role') == 'admin') {
$admin = TRUE;
}
return $admin;
}

Let's say that you want administrators table where username is field email and password is field password:
In your AppController.php:
public $components = array('Session',
'Auth' => array('authenticate' => array('Form' => array( 'userModel' => 'Administrator',
'fields' => array(
'username' => 'email',
'password' => 'password'
)
)
),
'authorize' => array('Controller'),
'loginAction' => array('controller' => 'administrators', 'action' => 'login'),
'loginRedirect' => array('controller' => 'Home', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'Home', 'action' => 'index'),
),
);
In AppController.php add this too:
public function isAuthorized($user){
return true;
}

You will have to use userModel => ModelName property. Your AppController should looks like:
class AppController extends Controller
{
public $components = array(
'Auth' => array('authenticate' => array('Form' => array('userModel' =>'Customer',
'fields' => array('username' => 'USER_LOGINNAME', 'password' => 'USER_PASSWORD'
)
)
)
)
);
/*...... Your code ............*/
}
This link might help you to resolve bugs.

cakePHP isAuthorized not working

I have a table which splits my users (user_levels) linked to the users table (user_level_id). Level 5 is administrator.
I want to limit certain actions from being viewed and understand I can do this with isAuthorized. I went according to book and I am pretty sure I have it right, but it is not working. It allows any logged in users to still access any of the actions although I deny it in isAuthorized.
Here is my code:
App Controller:public $components = array(
'Session',
'Auth' => array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
),
'authError' => "Your username and password is incorrect, please try again.",
'authenticate' => array(
'Form' => array(
'scope' => array('User.user_status_id' => 1)
)
),
'redirect' => array("controller" => "users", "action" => "profile"),
'loginRedirect' => array("controller" => "users", "action" => "profile")
)
);
public function isAuthorized($user = null) {
if($this->Auth->user("user_level_id") == 5) {
return true;
}
// Default deny
return false;
}
public function beforeFilter() {
$this->Auth->allow("display");
if($this->Auth->loggedIn() == true) {
$this->set("user_name",$this->Auth->user("first_name")." ".$this->Auth->user("last_name"));
$this->set("loggedIn",true);
if($this->Auth->user("user_type_id") == 5) {
$this->set("navigation","navigation_admin");
} else {
$this->set("navigation","navigation_loggedin");
}
} else {
$this->set("loggedIn",false);
$this->set("navigation","navigation_notloggedin");
}
}
}
// Users Controller:
public function beforeFilter() {
$this->Auth->allow("login");
parent::beforeFilter();
}
public function isAuthorized($user = null) {
if($this->Auth->user("user_level_id") == 5) {
return true;
}
// Default deny
return parent::isAuthorized($user);
}

Looks like you're just missing the configuration to just tell the AuthComponent to use isAuthorized().
'Auth' => array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
),
'authError' => "Your username and password is incorrect, please try again.",
'authenticate' => array(
'Form' => array(
'scope' => array('User.user_status_id' => 1)
)
),
'authorize' => array('Controller'), // <- here
'redirect' => array("controller" => "users", "action" => "profile"),
'loginRedirect' => array("controller" => "users", "action" => "profile")
)