Xataface Forums

Put a face on your database
http://xataface.com/forum/

The custom action is open without any authentification

http://xataface.com/forum/viewtopic.php?f=4&t=4371

Page 1 of 1

The custom action is open without any authentification

PostPosted: Tue Jan 22, 2008 1:18 am
by Yann
Hello Steve,
Anyone can access my custom action through the login page without any authentification. Have you a suggestion about where this problem comes from ?
Cheers
Jean

PostPosted: Tue Jan 22, 2008 10:04 am
by shannah
Custom actions have not permissions associated with them by default. You need to add permission entry in the actions.ini file for that action if you want to limit it.

e.g.
Code: Select all
[my_custom_action]
    permission=view


This would make it so that the user needs the view permission to access this action.

It is sometimes useful to create custom permissions corresponding to your custom action.

e.g.
in the permissions.ini file create a permission called 'my_custom_permission' then add this permission to certain roles.

Code: Select all
my_custom_permission = "Permission for my custom action"

;; A custom role
[MY CUSTOM ROLE extends READ ONLY]
    my_custom_permission=1

PostPosted: Thu Jan 24, 2008 1:28 am
by Yann
Thank you Steve!
All times are UTC - 7 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/