You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Maybe makes sense remake the ACL::required method?
For example:
/** * If the active user does not have this permission, * failed with an Exception_403. * * @throws Exception_403 If the user doesn't have permission. * @param string $perm_name * @param object User object * @param callable $callbak What to run if there is no privilege * @return boolean */publicstaticfunctionrequired($perm_name, Model_User$user = NULL, $callback = NULL)
{
if ( ! ACL::check($perm_name, $user) )
{
if( ! is_null($callback) )
{
call_user_func($callback);
}
// If the action is set and the role hasn't been matched,// the user doesn't have permission.thrownewHTTP_Exception_403('Unauthorised access attempt to action :act.',
array(
':act' => $perm_name
)
);
}
}
It is necessary for ease of use:
<?php defined('SYSPATH') OR die('No direct script access.');
classController_AdminextendsTemplate {
publicfunctionbefore()
{
// Inform that we're in admin section for themers/developersTheme::$is_admin = TRUE;
ACL::required('administer site', NULL, Request::$current->redirect(Route::get('user')->uri(array('action' => 'login'))));
parent::before();
}
publicfunctionindex()
{
$this->response->body(__('Welcome to admin'));
}
}
or
ACL::required('administer site', NULL, Kohana::$log->add(Log::ERROR, 'An attempt of unauthorized access'));
I'm not sure that's a good idea, but can you suggest a better idea?
The text was updated successfully, but these errors were encountered:
Second parameter is useful in many cases, like when you want to perform a background job as a particular user, in that case we need to pass the user object, because the active user will be the guest in that case, but we need to run as different user.
Maybe makes sense remake the
ACL::required
method?For example:
It is necessary for ease of use:
or
I'm not sure that's a good idea, but can you suggest a better idea?
The text was updated successfully, but these errors were encountered: