Cakedc/auth & Cakedc/users : what to do?

Need Help
1

Hello

I want to use the cakedc/users pluging for managing the users and cakedc/auth for RBAC.
I have read the blogs on www.cakedc.com but it’s confusing for me.

  1. Do I need the install both plugins or only the cakedc/users plugin?
  2. I’m trying the ‘owner’ permission but I receive this error:
    Class ‘CakeDC\Users\Auth\Rules\Owner’ not found
    and when I write this in my appcontroller
    $this->loadComponent(‘Auth’, [
    ‘authorize’ => [‘CakeDC/Auth.SimpleRbac’],
    ‘loginRedirect’ => [
    ‘controller’ => ‘Articles’,
    ‘action’ => ‘index’
    ],
    ‘logoutRedirect’ => [
    ‘controller’ => ‘Pages’,
    ‘action’ => ‘display’,
    ‘home’
    ]
    ]);
    $this->loadComponent(‘CakeDC/Users.UsersAuth’);
    I do receive this error:
    The “Auth” alias has already been loaded with the following config: …

Can you put me on the road?
Thank you!

cakephp: 3
cakedc/users: 7.0.0
cakedc/auth: 2.0.3

2
  1. If you install cakedc/users you’ll get cakedc/auth as it’s a dependency of the Users Plugin
  2. Please paste here the code in your permissions.php file, here’s a correct usage example https://github.com/CakeDC/auth/blob/master/Docs/Documentation/Rbac.md#permission-rules

About AuthComponent, keep in mind UsersAuthComponent will load and configure AuthComponent internally, so you are getting Auth loaded twice. Please check this link to understand how to configure it https://github.com/CakeDC/users/blob/master/Docs/Documentation/Configuration.md#default-authenticate-and-authorize-objects-used or you can disable Auth configuration from Users, and using your own using the configuration key Users.auth (set it to false).

3

Thank you for your quick respons.
I will try this.

4

Ok, I no longer get errors but the Owner() rule is not working.

In the bootstrap file I only load the cakedc/users plugin
Plugin::load('CakeDC/Users', ['bootstrap' => true, 'routes' => true]);

In the AppController
public function initialize()
{
parent::initialize();

        $this->loadComponent('RequestHandler');
        $this->loadComponent('Flash');
        $this->loadComponent('CakeDC/Users.UsersAuth');
        parent::initialize();
    }

And permissions file:
return [
‘Users.SimpleRbac.permissions’ => [
//admin role allowed to all the things
[
‘role’ => ‘admin’,
‘prefix’ => ‘’,
‘extension’ => '’,
‘plugin’ => ‘’,
‘controller’ => '’,
‘action’ => ‘’,
],
//specific actions allowed for the all roles in Users plugin
[
‘role’ => '’,
‘plugin’ => ‘CakeDC/Users’,
‘controller’ => ‘Users’,
‘action’ => [‘profile’, ‘logout’, ‘linkSocial’, ‘callbackLinkSocial’],
],
[
‘role’ => ‘*’,
‘plugin’ => ‘CakeDC/Users’,
‘controller’ => ‘Users’,
‘action’ => ‘resetGoogleAuthenticator’,
‘allowed’ => function (array $user, $role, \Cake\Http\ServerRequest $request) {
$userId = \Cake\Utility\Hash::get($request->getAttribute(‘params’), ‘pass.0’);
if (!empty($userId) && !empty($user)) {
return $userId === $user[‘id’];
}

                return false;
            }
        ],
        //all roles allowed to Pages/display
        [
            'role' => '*',
            //'plugin' => null,
            'controller' => 'Pages',
            'action' => 'display',
        ],
      [
            'role' => 'user',
            'controller' => 'Articles',
            'action' => ['index','view'],
        ],
      [
            'role' => 'user',
            'controller' => 'Users',
            'action' => ['index','view'],
        ],
         [
            'role' => '*',
            'controller' => 'Articles',
            'action' => ['edit', 'delete'],
            'allowed' => new \CakeDC\Auth\Rbac\Rules\Owner() //will pick by default the post id from the first pass param
            ],
    ]
];

Is there something I still do wrong?