$this->loadComponent('Flash');
- }
+ $this->loadComponent('Auth', [
+ 'authorize' => ['Controller'],
+ 'loginRedirect' => [
+ 'controller' => 'Users',
+ 'action' => 'login'
+ ],
+ 'logoutRedirect' => [
+ 'controller' => 'Users',
+ 'action' => 'login',
+ ],
+ 'unauthorizedRedirect' => false,
+ ]);
+ }
+ public function isAuthorized($user)
+ {
+ // Admin peuvent accéder à chaque action
+ if (isset($user['role']) && $user['role'] === 'admin') {
+ return true;
+ }
+ $this->Flash->error(__('You are not allowed to do that.'));
+ // Par défaut refuser
+ return false;
+ }
/**
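Review bot: The `$this->Flash->error(...)` call inside `isAuthorized()` is a side effect in an authorization check, and it interacts badly with `'unauthorizedRedirect' => false`. With that setting AuthComponent throws a ForbiddenException instead of redirecting, so the queued flash message will probably surface on some later, unrelated page. I would drop the Flash line so `isAuthorized()` only returns a boolean, and configure the message with `'authError' => __('You are not allowed to do that.')` in the `loadComponent('Auth', ...)` options. Separately, `loginRedirect` points at `Users::login`, the login action itself, so a user who has just authenticated is sent back to the login form; it should point at a post-login landing action. The deny-by-default `return false` is the right shape; the two French comments would read better in English to match the rest of the file, e.g. `// Admins may access every action` and `// Deny by default`.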
$this->set('paging',$this->request->params['paging']);
}
- /**
- *
- * @param Event $event
- */
- public function beforeFilter(Event $event) {
+
+ public function beforeFilter(Event $event)
+ {
parent::beforeFilter($event);
+ // Allow users to register and logout.
+ // You should not add the "login" action to allow list. Doing so would
+ // cause problems with normal functioning of AuthComponent.
+ $this->Auth->allow(['index','view','logout']);
}
-
}
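Review bot: The comment above `$this->Auth->allow(['index','view','logout'])` says it lets users "register and logout", but the list contains no registration action and instead opens `index` and `view`. The class header is outside this hunk; if this `beforeFilter()` sits in a base controller, every inheriting controller's `index` and `view` become reachable without login and skip the admin-only `isAuthorized()` check. That would include any user listing. I would keep only `$this->Auth->allow(['logout']);` here and add per-controller `allow()` calls for the pages that are meant to be public, with the comment reworded to `// Actions reachable without authentication.`. The removed docblock for `beforeFilter()` could also be kept, since it documented the `Event $event` parameter.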