How does the authorize function work??

  • Posts: 272
  • Thank you received: 3
  • Hikashop Business
12 years 4 months ago #55085

Hello, we have been developing a class to manage product supplier data (see this thread for the outline) . Everything was working great until we updated to 1.5.8. Now when we view the supplier listing we get a 403 - access forbidden message. We have traced this to a modification of the function authorize () in the admin helper.php file. If we comment out the follow lines of code

if(!$this->isIn($task,array('modify_views','add','modify','delete','display'))){
return false;
}

our product supplier listings reappear. Looking at other controllers and classes I cannot work out what changes need to made to allow our supplier listings to be viewed. Any suugestions most welcome.

This is all in the admin part of the site.

Thansk, James

Last edit: 12 years 4 months ago by jameswadsworth.

Please Log in or Create an account to join the conversation.

  • Posts: 82821
  • Thank you received: 13368
  • MODERATOR
12 years 4 months ago #55118

Hi,

The task (function) of your controller needs to be registered in one of the attributes of the controller class: $modify_views, $add, $modify, $delete or $display.
You can see that we have all the tasks there at the beginning of the controllers class definition.

The following user(s) said Thank You: jameswadsworth

Please Log in or Create an account to join the conversation.

  • Posts: 272
  • Thank you received: 3
  • Hikashop Business
12 years 4 months ago #55288

Hi Nicolas, thanks for the pointer. The reason why it had stopped working with the latest version of the authorize function is that we were missing the square brackets after our this->diplay in our supplierContoller and therefore the listing display was not in the array.

Please Log in or Create an account to join the conversation.

Time to create page: 0.054 seconds
Powered by Kunena Forum