You are here: Dataface :: Forum

The custom action is open without any authentification

A place for users and developers of the Xataface to discuss and receive support.
Post a reply

The custom action is open without any authentification

Postby Yann » Tue Jan 22, 2008 1:18 am

Hello Steve,
Anyone can access my custom action through the login page without any authentification. Have you a suggestion about where this problem comes from ?
Cheers
Jean
Yann
 
Posts: 5
Joined: Tue Jan 22, 2008 1:10 am
Top

Postby shannah » Tue Jan 22, 2008 10:04 am

Custom actions have not permissions associated with them by default. You need to add permission entry in the actions.ini file for that action if you want to limit it.

e.g.
Code: Select all
[my_custom_action]
    permission=view


This would make it so that the user needs the view permission to access this action.

It is sometimes useful to create custom permissions corresponding to your custom action.

e.g.
in the permissions.ini file create a permission called 'my_custom_permission' then add this permission to certain roles.

Code: Select all
my_custom_permission = "Permission for my custom action"

;; A custom role
[MY CUSTOM ROLE extends READ ONLY]
    my_custom_permission=1
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm
Top

Postby Yann » Thu Jan 24, 2008 1:28 am

Thank you Steve!
Yann
 
Posts: 5
Joined: Tue Jan 22, 2008 1:10 am
Top
Post a reply

Return to Xataface Users

Who is online

Users browsing this forum: No registered users and 32 guests

Powered by phpBB® Forum Software © phpBB Group
cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved