When a user is logged in and tries to access a particular action which he's not authorized to view, the user is redirected to '/' (you can even get a loop behaviour in certain circumstances). I've searched for solutions to this issue, but I didn't find anything.
I've written some lines in app_controller.php to redirect logged in users to an error page ("you have no permission to access...") but I'm not sure if I'm messing up the code.
Could you advise me? Thank you.
In app_controller.php:
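
    var $components = array('Auth');

    function beforeFilter() {
        // Lower-cased list of actions opened up via $this->Auth->allow()
        $allowedActions = array_map('strtolower', $this->Auth->allowedActions);
        // Current action is neither covered by allow('*') nor listed explicitly
        if (!($this->Auth->allowedActions == array('*') || in_array($this->action, $allowedActions))) {
            // Overwrite the referer so the Auth redirect lands on the error page
            $_SERVER['HTTP_REFERER'] = Router::url(array('controller' => 'page', 'action' => 'error'));
        }
    }
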
You could try to use

    $this->Auth->loginError = "LOGIN ERROR";
    $this->Auth->authError = "AUTH ERROR";

in *app_controller.php* combined with

    echo $session->flash('auth');

in your default.ctp view.
Another way is using the Auth component's isAuthorized method and redirecting depending on its outcome.
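
A sketch of the isAuthorized approach mentioned above, as an added example that is not code from either answer or from the question. It assumes CakePHP 1.x with `$this->Auth->authorize = 'controller'`, a `role` column on the users table, and a hypothetical `$roleActions` map; the `page`/`error` target is taken from the question.

```php
<?php
// app_controller.php, CakePHP 1.x style to match the code in the question.
class AppController extends Controller {
    var $components = array('Auth', 'Session');

    // Assumption: hypothetical map of role => actions that role may run.
    var $roleActions = array(
        'member' => array('index', 'view'),
    );

    function beforeFilter() {
        // Make AuthComponent call isAuthorized() for every action that
        // was not opened up with $this->Auth->allow().
        $this->Auth->authorize = 'controller';
    }

    function isAuthorized() {
        // The error page itself must stay reachable for logged-in users,
        // otherwise the redirect below would loop.
        if ($this->params['controller'] == 'page' && $this->action == 'error') {
            return true;
        }
        // Assumption: the users table has a 'role' column.
        $role = $this->Auth->user('role');
        if ($role === 'admin') {
            return true;
        }
        $allowed = isset($this->roleActions[$role]) ? $this->roleActions[$role] : array();
        if (in_array($this->action, $allowed, true)) {
            return true;
        }
        // Fail closed: unknown roles and unlisted actions are denied.
        // Redirect to a fixed internal page instead of trusting the referer.
        $this->Session->setFlash('You have no permission to access this page.', 'default', array(), 'auth');
        $this->redirect(array('controller' => 'page', 'action' => 'error'));
        return false; // only reached if redirect() is called with exit disabled
    }
}
```

The flash message is stored under the `auth` key, so the `$session->flash('auth')` call from the first answer displays it on the error page.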