extended rdAuth

July 24, 2006 at 10:49 am 3 comments

I created a new authentication component that extends the rdAuth that we are currently using. The extended component basically gets the the access from the db instead of the static var $access inside each component. The idea of creating this one was explained in my previous post.

What you need

  1. Create 3 tables (xrd_auth_tables.txt)
  2. The xrdAuth component (xrd_auth_component.txt)
  3. Create the models for the tables above. Then, in the xrdAuth, set the ffg variables
    var $tbl_controller_access = 'model_name_for_SysControllerAccess';
    var $tbl_controller_function = 'model_name_for_SysControllerFunction';
    var $tbl_controller = 'model_name_for_SysController';

How to use xrdAuth

Read the wiki tutorial how to use rdAuth for general instructions. Ofcourse, replace rdAuth to xrdAuth and dont declare the var $access anymore. You’ll add that directly in the db. We’ll discuss that later.
Then edit your AppController::checkAccess() before the if condition

// Enable this to create an array of roles that is allowed to be an admin.
// NOTE: declare this before the set function
//$this->xrdAuth->admins = array('Administrator','Guest');

//set local vars from session

// Enable this to set all user groups to admin.
// NOTE: declare this after the set function

// pass controller
$this->xrdAuth->controller = &$this;

// do not edit below this line
if () {.. the other codes here ..}

How to add access

Basically, we have 3 tables namely: tSysController, tSysControllerFunctions and tSysControllerAccess
In tSysController, add all the Controller names you wish to create access
In tSysControllerFunctions, insert the Controller function names, e.g. ‘add’, ‘edit’, ‘delete’, and the controller_id from tSysController
In tSysControllerAccess, add the group_name, e.g. ‘Administrator’, that has access to the function_id(tSysControllerFunction)

In any case that a group has access to all functions in a controller, you can just use ‘*’. Do the ffg. (but change the variables to your value)

INSERT INTO SysControllerFunction (`name`, `controller_id`)
VALUES ('*', $the_controller_id);
INSERT INTO SysControllerAccess (`group_name`, `function_id`)
VALUES ($group, $the_function_id);

That’s it! If you found any bug, kindly email me 🙂


I’ve been using this component for a while and seems ok with me. There is only 1 catch, when either your controller, model or view doesnt exist, it will show you an error like this — “Fatal error: Call to a member function on a non-object in: /app/controllers/components/xrd_auth.php on line 39” . I still havnt had that much time to fix this one (bec the error is still bearable). But for the moment, to see the problem, just disable it for a while.

Update Dec 18, 2006:

I’ve moved the txt files to another location so I hope you’ll all see the files.

Also, problem above is fixed, just update the code you had with this one. You’ll get an error in red “Error: Controller cannot detect table Syscon” and the normal error you’ll get from cake.

I’d also probably make an interface where we can add the relationships to each controllers and functions. I’ll do that as soon as I get the time. I will also be needing it anyway.

Update May 21, 2007:

The files are lost so please give me a few days to retrieve them.. thanks..


Entry filed under: cakephp, components.

what do you use for your authentication? get rid of GET

3 Comments Add your own

  • 1. Mumu  |  September 25, 2006 at 5:54 pm

    hi, this link returns 404 error page https://cakensoda.wordpress.com/wp-admin/xrd_auth_component.txt

  • 2. cakensoda  |  September 26, 2006 at 1:11 am

    Hi mumu, i fixed the link. thanks.

  • 3. :uic =>  |  December 18, 2006 at 12:20 pm

    ive been looking for alternative places to find the xrd_auth_component.txt..but i couldnt find any..and your link seems broken for me too..if you could check it


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Recent Posts

July 2006
« Jun   Aug »

%d bloggers like this: