How does nette know when a page is backend
- kevin.waterson@gmail.com
- Member | 81
If I have this code in my admin presenter, how does nette decide that this
is in the backend or not?
I am trying to understand the program flow.
<?php
protected function startup(): void
{
parent::startup();
if (!$this->getUser()->isAllowed('backend')) {
throw new Nette\Application\ForbiddenRequestException;
}
}
?>
- CZechBoY
- Member | 3608
It is just a resource defined in your authorizator https://doc.nette.org/…thentication#…
- kevin.waterson@gmail.com
- Member | 81
CZechBoY wrote:
It is just a resource defined in your authorizator https://doc.nette.org/…thentication#…
Does the authorizator need to be called via the config somehow?
Or is this done from the presenter?
- CZechBoY
- Member | 3608
Check the documentation.
If you want custom authorizator you should implement IAuthorizator interface
and register it as service in config.
I often use just AuthorizationFactory which returns Nette\Security\Permission
object in create method, then you register this factory as you can see in
documentation.
Last edited by CZechBoY (2019-12-08 16:24)
- kevin.waterson@gmail.com
- Member | 81
CZechBoY wrote:
Check the documentation.
If you want custom authorizator you should implement IAuthorizator interface and register it as service in config.
I often use just AuthorizationFactory which returns Nette\Security\Permission object in create method, then you register this factory as you can see in documentation.
That was another query I had.
What is the difference between using IAuthorizator, and Permission?
They seem to achieve the same goal of checking a users ability to perform and
action on a resource.
- MajklNajt
- Member | 494
Nette\Security\IAuthorizator is interface,
Nette\Security\Permission is one implementation of
this interface, you can write own implementation as wrote
CZechBoY
kevin.waterson@gmail.com wrote:
CZechBoY wrote:
Check the documentation.
If you want custom authorizator you should implement IAuthorizator interface and register it as service in config.
I often use just AuthorizationFactory which returns Nette\Security\Permission object in create method, then you register this factory as you can see in documentation.That was another query I had.
What is the difference between using IAuthorizator, and Permission?
They seem to achieve the same goal of checking a users ability to perform and action on a resource.