Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
My \Auth::has_access() in modules seems not working
  • chenxchenx
    Greetings all,

    I want to ask about my situation here, please help me if I'm doing something wrong.

    I have modules with MVC inside, and I can access it via url.
    My modules is "admin", and I access it via "http://localhost/fuelphp/admin/"

    For authentication, I'm using ORMAuth and I already created one permission :

    area:backend,
    permission:post,
    actions: a:4:{i:0;s:4:"view";i:1;s:6:"create";i:2;s:4:"edit";i:3;s:6:"delete";}

    My users groups and roles is still using default from generated database.

     I login with user groupid 5 (Administrators) and I have one page that using authentication : \Auth::has_access('backend.post')
    When I access the page, I thought that the "has_access" should return false, because I haven't create any permission for administrators, but strangely it returns true.

    Now I'm confused with the ORM Authentication, even it's still basic. Please advice me if there's something missing from my method.

    Thank you so much.

  • chenxchenx
    Ah crap,

    I found my problem. My problem is the auth caching, I have delete the role permission but it still can be accessed because I haven't delete the cache.

    So my practice is, everytime I login then I run these commands as explained on docs :

    // flush the permissions of a single user (with id 12211)
    \Cache::delete(\Config::get('ormauth.cache_prefix', 'auth').'.permissions.user_'.$current_user->id);
    // flush all the cached permissions
    \Cache::delete_all(\Config::get('ormauth.cache_prefix', 'auth').'.permissions');
    // flush all the cached groups
    \Cache::delete(\Config::get('ormauth.cache_prefix', 'auth').'.groups');
    // flush all the cached roles
    \Cache::delete(\Config::get('ormauth.cache_prefix', 'auth').'.roles');

    Is this the best practice? Need your comment. Thank you.
  • HarroHarro
    In general you only need to flush the cache when you change something.

    So:
    - the roles cache if you modify a role
    - the groups cache if you modify a group
    - the user permission cache if you change direct permissions of a user
    - all user permission caches if you change permissions themselfs, or role or group permissions
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion