* @var boolean
*/
public $haveErrors = false;
-
-
+
+
public $validator;
public $errors ;
-
-
+
+
use \Crud\Controller\ControllerTrait;
public $components = [
'RequestHandler',
- 'Crud.Crud' => [
- 'actions' => [
- 'index',
- 'Crud.View',
- 'Crud.Add',
- 'Crud.Edit',
- 'Crud.Delete'
- ],
- 'listeners' => [
- 'Crud.Api',
- 'Crud.ApiPagination',
- 'Crud.ApiQueryLog'
- ]
- ]
];
-
-
+
+
/**
* Initialization hook method.
*
public function initialize()
{
parent::initialize();
-
+
$this->loadComponent('RequestHandler');
-
+
$this->loadComponent('Flash');
-
- $this->loadComponent('Auth', [
+
+ $this->loadComponent('Auth', [
+ 'authorize' => 'Controller',
'authenticate' => [
- 'Form' => [
- 'fields' => ['username' => 'username', 'password' => 'password']
- ]
- ]
+ 'Digest' => [
+ 'fields' => ['username' => 'username', 'password' => 'digest_hash'],
+ 'userModel' => 'Users',
+ ],
+ ],
+ 'realm' => env('SERVER_NAME'),
+ 'storage' => 'Memory',
+ 'sessionKey' => false,
+ 'unauthorizedRedirect' => false
]);
}
-
+
+
+ /**
+ * @param $user
+ * @return bool
+ *
+ */
public function isAuthorized($user)
{
+ //Allow all get action
+ if ($this->request->is('get')){
+ return true;
+ }
+
// Admin peuvent accéder à chaque action
- if (isset($user['role']) && ($user['role'] === 'admin')) {
+ if (isset($user['role']) && $user['role'] === 'admin') {
return true;
}
-
+
+
+ $this->Flash->error(__('You are not allowed to do that.'));
// Par défaut refuser
- return true;
+ return false;
}
-
-
+
/**
* Before render callback.
*
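Review bot: The new `if ($this->request->is('get')) { return true; }` at the top of `isAuthorized()` authorizes by HTTP method, so any authenticated user, whatever their role, passes the check for every action routed on GET, not only read-only ones. Deciding on the action name keeps the rule explicit, e.g. `if (in_array($this->request->params['action'], ['index', 'view'], true)) { return true; }`, with everything else falling through to the admin check. In the `Auth` config of the same hunk, `'realm' => env('SERVER_NAME')` ties the stored `digest_hash` values to whatever the server reports as its name; because the digest hash is computed over username, realm and password, a fixed realm string taken from application configuration would keep credentials valid across hosts and avoid depending on a value that may follow the request's Host header. The `isAuthorized()` docblock could also state the decision, for example `Read-only actions are open to any authenticated user; all other actions require the admin role.`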
$this->RequestHandler->renderAs($this, 'json');
$this->set('_serialize', true);
}
-
+
$pagination = $this->request->paging[$this->modelClass];
if (empty($pagination)) {
return;
}
- $paginationResponse = [
- 'page_count' => $pagination['pageCount'],
- 'current_page' => $pagination['page'],
- 'has_next_page' => $pagination['nextPage'],
- 'has_prev_page' => $pagination['prevPage'],
- 'count' => $pagination['count'],
- 'limit' => $pagination['limit']
- ];
-
- $this->set('pagination', $paginationResponse);
-
$this->set('paging',$this->request->params['paging']);
-
-// $this->RequestHandler->renderAs($this, 'json');
-//
-// $this->set('_serialize', true);
-//
-
}
-
- /**
- *
- * @param Event $event
- */
- public function beforeFilter(Event $event) {
- $this->Auth->allow();
+
+
+ public function beforeFilter(Event $event)
+ {
parent::beforeFilter($event);
+
+
+ // Allow users to register and logout.
+ // You should not add the "login" action to allow list. Doing so would
+ // cause problems with normal functioning of AuthComponent.
+ $this->Auth->allow(['index','logout','view']);
}
-
}
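Review bot: `$this->Auth->allow(['index','logout','view']);` in `beforeFilter()` opens `index` and `view` to unauthenticated requests in every controller that inherits this one, assuming this is the shared base controller as the `parent::` calls and `$components` suggest. That would include any controller that lists user records, where the JSON response could carry `digest_hash` unless the entity hides that field; this is worth confirming, because a digest hash is password-equivalent for Digest authentication. Keeping only `$this->Auth->allow(['logout']);` here and letting individual controllers opt in to a public `index` or `view` would narrow the exposure. The comment above the call mentions register and logout, but the list has no register action; something like `// Public without authentication: logout only; controllers opt in to more.` would match the code.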