I want to understand the sequence of steps by which it is verified that a user has permission to a particular application page ('Acl', 'Auth', 'Security' components are used). For example, a visitor clicks a link on another site that directs him to my application. What is the sequence of steps that my application does to verify that this user has access to the page? What controllers/classes and methods are called?
1. If Auth is required on that page, your app checks if a user is logged in.
2. If not, it redirects to the login page.
3. If yes, your app should check permission.
4. Normally, it checks your user group to see if that group has permission on that page.
5. If it does, it checks that username to see if that user has permission on that page.

The logic for 3, 4 and 5 should be done in app_controller.

That's my take on it.
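
The check order described in the answer above, as an added example that is not part of the original post and is not CakePHP's own Auth/Acl code: a framework-independent PHP model in which the page list, ACL tables, user names and the `authorize()` function are all constructed for illustration. It assumes default deny when the group has no grant, and that a user with no per-user entry inherits the group's permission.

```php
<?php
// Constructed sample data (hypothetical pages, groups and users).
const PUBLIC_PAGES = ['/users/login', '/pages/home']; // no Auth required
const GROUP_ACL = [            // group => pages the group may open
    'editors' => ['/posts/index', '/posts/edit'],
    'members' => ['/posts/index'],
];
const USER_ACL = [             // username => per-page override (true/false)
    'carol' => ['/posts/edit' => false],
];

/**
 * Returns ['allow'], ['redirect', '/users/login'] or ['deny'].
 * $user is null for an anonymous visitor, else ['username' => ..., 'group' => ...].
 */
function authorize(?array $user, string $page): array
{
    // Is Auth required on this page at all?
    if (in_array($page, PUBLIC_PAGES, true)) {
        return ['allow'];
    }
    // Not logged in: send the visitor to the login page.
    if ($user === null) {
        return ['redirect', '/users/login'];
    }
    // Group check: anything not explicitly granted is denied (assumption).
    $groupPages = GROUP_ACL[$user['group']] ?? [];
    if (!in_array($page, $groupPages, true)) {
        return ['deny'];
    }
    // User check: an explicit per-user entry wins over the group grant;
    // no entry means the user inherits the group's permission (assumption).
    $allowed = USER_ACL[$user['username']][$page] ?? true;
    return $allowed ? ['allow'] : ['deny'];
}

// Constructed test visitors, all requesting the same protected page.
$cases = [
    [null, '/posts/edit'],
    [['username' => 'bob',   'group' => 'members'], '/posts/edit'],
    [['username' => 'alice', 'group' => 'editors'], '/posts/edit'],
    [['username' => 'carol', 'group' => 'editors'], '/posts/edit'],
];
foreach ($cases as [$user, $page]) {
    $name = $user['username'] ?? 'anonymous';
    echo $name, ' -> ', implode(' ', authorize($user, $page)), "\n";
}
```

Running the decision on every request, before the page's own action executes, is what placing it in a shared base controller achieves.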