O'Reilly logo

CakePHP 2 Application Cookbook by Jorge González, James Watts

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Custom RBAC

Role Based Access Control (RBAC) is where a user belongs to one or several roles. There are then permissions assigned to a specific role; they allow or deny user access to subjects.

In this recipe, we're going to use a simplified approach, where users will belong to exactly one role, and permissions will be set to allow access to controller actions. By default, all actions will be denied, and we'll configure which roles can access which actions in our application. For this, we'll use a custom authenticate class and a configuration file to define the permissions. Easy to maintain and human readable.

Getting ready

For this recipe, we'll again create a users table, using the following SQL statement:

CREATE TABLE users ( id VARCHAR(36) NOT ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required