【发布时间】:2013-05-06 01:24:58
【问题描述】:
我在数据库中有两个表,Admins 和 Users。管理员应该只打开有 9 个控制器的管理员面板。用户将看到有一个控制器名称“HomeController”的前端。
当用户登录时,他能够访问仅供管理员使用的控制器。当管理员登录时,他能够打开仅供用户使用的控制器。如何防止这种情况发生?
应用控制器:
class AppController extends Controller {
public $components = array(
'Session',
'Auth' => array(
'authenticate' => array(
'Admin' => array(
'userModel' => 'Admin',
'fields' => array(
'username' => 'username',
'password' => 'password'
)
),
'User' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'username',
'password' => 'password'
)
)
)
)
);
public function beforeFilter()
{
}
}
TransactionsController:(由管理员访问)
public function beforeFilter()
{
$this->Auth->loginRedirect = array('controller' => 'items', 'action' => 'index');
$this->Auth->logoutRedirect = array('controller' => 'admins', 'action' => 'login');
$this->Auth->loginAction = array('controller' => 'admins', 'action' => 'login');
// Basic setup
$this->Auth->authenticate = array('Form');
// Pass settings in
$this->Auth->authenticate = array(
'Form' => array('userModel' => 'Admin')
);
}
public function isAuthorized($admin)
{
if(isset($admin['Admin']['id']))
{
return true;
}
return false;
}
HomeController:(由用户访问)
public function beforeFilter()
{
$this->Auth->loginRedirect = array('controller' => 'home', 'action' => 'index');
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
// Basic setup
$this->Auth->authenticate = array('Form');
// Pass settings in
$this->Auth->authenticate = array(
'Form' => array('userModel' => 'User')
);
$this->Auth->allow('view', 'index', 'item', 'itemlist', 'search');
}
public function isAuthorized($user)
{
if(isset($user['User']['id']))
{
return true;
}
return false;
}
【问题讨论】:
标签: cakephp