在浏览设置 Auth 和 ACL 组件的教程时,我发现当登录用户访问我的网站中他们没有权限的区域时,他们会被重定向到 /。
这不是一个阻碍,因为我总是可以将它们从我的主页视图重定向到适当的位置,或者只是在那里显示错误,但这似乎有点hacky。如果用户无权访问特定视图,是否有办法指定 ACL 应将用户重定向到何处?在这种情况下,我只想设置一个简单的全局访问被拒绝错误页面。即使再次将它们重定向到登录页面也是可以接受的,但主页对于系统使用来说似乎是一个非常奇怪的默认值。
When going through the tutorials for setting up the Auth and ACL components, I discovered that when a logged-in user accesses an area of my site that they do not have permissions for, they are redirected to /.
This isn't a show stopper, as I can always redirect them to the appropriate place from my homepage view or just display an error there, but that seems sort of hacky. Is there a way to specify where ACL should redirect a user if they do not have access to a particular view? I'd just like to set up a simple global access denied error page in this case. Even having it redirect them to the login page again would be kind of acceptable, but the homepage just seems like a really odd default for the system to use.
发布评论
评论(1)
您可以设置 $this->Auth->authorize = 'controller',然后在 isAuthorized() 回调中指定重定向。
http://book.cakephp.org/view/1275/authorize
http://api13.cakephp.org/view_source/auth-component/#line-508
您还可以测试 $this->Auth->user() 是否有足够的权限,失败时重定向:
否则,Auth->redirect() 将提取登录重定向属性设置的内容,默认为 /。请参阅 http://api13.cakephp.org/view_source/auth-component/#第745行
You could set $this->Auth->authorize = 'controller', then specify redirect in the isAuthorized() callback.
http://book.cakephp.org/view/1275/authorize
http://api13.cakephp.org/view_source/auth-component/#line-508
You could also test $this->Auth->user() for sufficient privileges and redirect on fail:
Otherwise, Auth->redirect() pulls whatever the login redirect property is set to, which defaults to /. See http://api13.cakephp.org/view_source/auth-component/#line-745