该页面未正确重定向错误与插件CakeDC /用户创建新用户没有超级用户

I did a fresh installation. CakePHP 3.6 and CakeDC/Users everything following the docs. I have created custom UsersController.php with the traits for users administration under the admin prefix and after logged in with superuser (created from command line) I managed to create new user with "admin" role. Then logged out and logged in with the new user and browser shows "The page isn’t redirecting properly" error. Social login is disable.

/src/Config/bootstrap.php

...
Configure::write('Users.roles', ['superuser', 'admin', 'user']);
Configure::write('Users.config', ['users']);
Plugin::load('CakeDC/Users', ['routes' => true, 'bootstrap' => true]);
...

/src/Config/users.php

<?php

/**
 * Copyright 2010 - 2017, Cake Development Corporation (https://www.cakedc.com)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright Copyright 2010 - 2017, Cake Development Corporation (https://www.cakedc.com)
 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
use Cake\Core\Configure;
use Cake\Routing\Router;

$config = [
    'Users' => [
        // Table used to manage users
        'table' => 'CakeDC/Users.Users',
        // Controller used to manage users plugin features & actions
        'controller' => 'CakeDC/Users.Users',
        // configure Auth component
        'auth' => true,
        // Password Hasher
        'passwordHasher' => '\Cake\Auth\DefaultPasswordHasher',
        // token expiration, 1 hour
        'Token' => ['expiration' => 3600],
        'Email' => [
            // determines if the user should include email
            'required' => true,
            // determines if registration workflow includes email validation
            'validate' => true,
        ],
        'Registration' => [
            // determines if the register is enabled
            'active' => false,
            // determines if the reCaptcha is enabled for registration
            'reCaptcha' => true,
            // allow a logged in user to access the registration form
            'allowLoggedIn' => false,
            //ensure user is active (confirmed email) to reset his password
            'ensureActive' => false,
            // default role name used in registration
            'defaultRole' => 'user',
        ],
        'reCaptcha' => [
            // reCaptcha key goes here
            'key' => null,
            // reCaptcha secret
            'secret' => null,
            // use reCaptcha in registration
            'registration' => false,
            // use reCaptcha in login, valid values are false, true
            'login' => false,
        ],
        'Tos' => [
            // determines if the user should include tos accepted
            'required' => true,
        ],
        'Social' => [
            // enable social login
            'login' => false,
            // enable social login
            'authenticator' => 'CakeDC/Users.Social',
        ],
        'GoogleAuthenticator' => [
            // enable Google Authenticator
            'login' => false,
            'issuer' => null,
            // The number of digits the resulting codes will be
            'digits' => 6,
            // The number of seconds a code will be valid
            'period' => 30,
            // The algorithm used
            'algorithm' => 'sha1',
            // QR-code provider (more on this later)
            'qrcodeprovider' => null,
            // Random Number Generator provider (more on this later)
            'rngprovider' => null
        ],
        'Profile' => [
            // Allow view other users profiles
            'viewOthers' => false,
            'route' => ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'profile'],
        ],
        'Key' => [
            'Session' => [
                // session key to store the social auth data
                'social' => 'Users.social',
                // userId key used in reset password workflow
                'resetPasswordUserId' => 'Users.resetPasswordUserId',
            ],
            // form key to store the social auth data
            'Form' => [
                'social' => 'social'
            ],
            'Data' => [
                // data key to store the users email
                'email' => 'email',
                // data key to store email coming from social networks
                'socialEmail' => 'info.email',
                // data key to check if the remember me option is enabled
                'rememberMe' => 'remember_me',
            ],
        ],
        // Avatar placeholder
        'Avatar' => ['placeholder' => 'CakeDC/Users.avatar_placeholder.png'],
        'RememberMe' => [
            // configure Remember Me component
            'active' => false,
            'checked' => true,
            'Cookie' => [
                'name' => 'remember_me',
                'Config' => [
                    'expires' => '1 month',
                    'httpOnly' => true,
                ]
            ]
        ],
    ],
    'GoogleAuthenticator' => [
        'verifyAction' => [
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'verify',
            'prefix' => false,
        ],
    ],
    // default configuration used to auto-load the Auth Component, override to change the way Auth works
    'Auth' => [
        'loginAction' => [
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'login',
            'prefix' => false
        ],
        'loginRedirect' => [
            'prefix' => 'admin',
            'plugin' => 'Articles',
            'controller' => 'Articles',
            'action' => 'index'
        ],
        'authenticate' => [
            'all' => [
                'finder' => 'auth',
            ],
            'CakeDC/Auth.ApiKey',
            'CakeDC/Auth.RememberMe',
            'Form' => [
                'fields' => [
                    'username' => 'email'
                ]
            ],
        ],
        'authorize' => [
            'CakeDC/Auth.Superuser',
            'CakeDC/Auth.SimpleRbac',
        ],
    ],
    'OAuth' => [
        'path' => ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'socialLogin', 'prefix' => null],
        'providers' => [
            'facebook' => [
                'className' => 'League\OAuth2\Client\Provider\Facebook',
                'options' => [
                    'graphApiVersion' => 'v2.8', //bio field was deprecated on >= v2.8
                    'redirectUri' => Router::fullBaseUrl() . '/auth/facebook',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/facebook',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/facebook',
                ]
            ],
            'twitter' => [
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/twitter',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/twitter',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/twitter',
                ]
            ],
            'linkedIn' => [
                'className' => 'League\OAuth2\Client\Provider\LinkedIn',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/linkedIn',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/linkedIn',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/linkedIn',
                ]
            ],
            'instagram' => [
                'className' => 'League\OAuth2\Client\Provider\Instagram',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/instagram',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/instagram',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/instagram',
                ]
            ],
            'google' => [
                'className' => 'League\OAuth2\Client\Provider\Google',
                'options' => [
                    'userFields' => ['url', 'aboutMe'],
                    'redirectUri' => Router::fullBaseUrl() . '/auth/google',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/google',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/google',
                ]
            ],
            'amazon' => [
                'className' => 'Luchianenco\OAuth2\Client\Provider\Amazon',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/amazon',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/amazon',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/amazon',
                ]
            ],
        ],
    ]
];

return $config;

/src/Config/permissions.php

<?php

return [
    'Users.SimpleRbac.permissions' => [
        //admin role allowed to all the things
        [
            'role' => [GROUP_SUPER_ID, GROUP_ADMIN_ID],
            'prefix' => '*',
            'extension' => '*',
            'plugin' => '*',
            'controller' => '*',
            'action' => '*'
        ],
        //specific actions allowed for the all roles in Users plugin
        [
            'role' => '*',
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => ['profile', 'logout', 'linkSocial', 'callbackLinkSocial'],
        ],
        [
            'role' => '*',
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'resetGoogleAuthenticator',
            'allowed' => function (array $user, $role, \Cake\Http\ServerRequest $request) {
                $userId = \Cake\Utility\Hash::get($request->getAttribute('params'), 'pass.0');
                if (!empty($userId) && !empty($user)) {
                    return $userId === $user['id'];
                }

                return false;
            }
        ],
        //all roles allowed to Pages/display
        [
            'role' => '*',
            //'plugin' => null,
            'controller' => 'Pages',
            'action' => 'display',
        ]
    ]
];

/src/Controllers/Admin/UsersController.php

<?php
namespace App\Controller\Admin;

use App\Controller\Admin\AppController;
use CakeDC\Users\Controller\Traits\ProfileTrait;
use CakeDC\Users\Controller\Traits\SimpleCrudTrait;
use CakeDC\Users\Model\Table\UsersTable;
use Cake\Utility\Inflector;

/**
 * Users Controller
 *
 *
 * @method \App\Model\Entity\User[]|\Cake\Datasource\ResultSetInterface paginate($object = null, array $settings = [])
 */
class UsersController extends AppController
{
    use ProfileTrait;
    use SimpleCrudTrait {

        index as protected traitIndex;
        add as protected traitAdd;
        edit as protected traitEdit;
    }


    public function index()
    {
        $table = $this->loadModel();
        $authUser = $this->Auth->user();
        $conditions = [];
        if ($authUser['role'] != GROUP_SUPER_ID) {
            $conditions['role !='] = GROUP_SUPER_ID;
        }
        $tableAlias = $table->alias();
        $this->set($tableAlias, $this->paginate($table, $conditions));
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
    }

    /**
     * Add method
     *
     * @return mixed Redirects on successful add, renders view otherwise.
     */
    public function add()
    {
        $table = $this->loadModel();
        $tableAlias = $table->alias();
        $entity = $table->newEntity();
        $this->set($tableAlias, $entity);
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
        if (!$this->request->is('post')) {
            return;
        }
        $entity = $table->patchEntity($entity, $this->request->getData());
        $entity->role = $this->request->data('role');
        $singular = Inflector::singularize(Inflector::humanize($tableAlias));
        if ($table->save($entity)) {
            $this->Flash->success(__d('CakeDC/Users', 'The {0} has been saved', $singular));

            return $this->redirect(['action' => 'index']);
        }
        $this->Flash->error(__d('CakeDC/Users', 'The {0} could not be saved', $singular));
    }

    /**
     * Edit method
     *
     * @param string|null $id User id.
     * @return mixed Redirects on successful edit, renders view otherwise.
     * @throws NotFoundException When record not found.
     */
    public function edit($id = null)
    {
        $table = $this->loadModel();
        $tableAlias = $table->alias();
        $entity = $table->get($id, [
            'contain' => []
        ]);
        $this->set($tableAlias, $entity);
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
        if (!$this->request->is(['patch', 'post', 'put'])) {
            return;
        }
        $entity = $table->patchEntity($entity, $this->request->getData());
        $entity->role = $this->request->data('role');
        $singular = Inflector::singularize(Inflector::humanize($tableAlias));
        if ($table->save($entity)) {
            $this->Flash->success(__d('CakeDC/Users', 'The {0} has been saved', $singular));

            return $this->redirect(['action' => 'index']);
        }
        $this->Flash->error(__d('CakeDC/Users', 'The {0} could not be saved', $singular));
    }
}

If I change the database directly and set the field "is_superuser" to "1" the new user can log in without error. But I can't find where the problem is.

Thanks.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
douyan9417 2018-05-24 11:14
关注
Check debug.log when debug is true to understand the rules evaluation and debug the issue. It looks like the logged in user (debug the user data from $this->Auth->user() role is not matching your defined rules.

Also check the correct key for defining permissions is CakeDC/Auth.permissions see https://github.com/CakeDC/users/blob/master/config/permissions.php#L53

I would modify the rule

[ 'role' => [GROUP_SUPER_ID, GROUP_ADMIN_ID], 'prefix' => '*', 'extension' => '*', 'plugin' => '*', 'controller' => '*', 'action' => '*' ],

And change role to * then debug the user and match the role is correct. Check first you can access the target page via this rule, then start restricting the rule to what you need.
本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

该页面未正确重定向错误与插件CakeDC /用户创建新用户没有超级用户 php
2018-05-24 10:09

回答 1 已采纳 Check debug.log when debug is true to understand the rules evaluation and debug the issue. It look
页面未正确重定向 php
2016-09-01 03:18

回答 1 已采纳 Your redirector.php will run before all controllers.. So the code redirect will work before your l
将某些用户重定向到不同的页面（PHP） php
2017-01-18 17:54

回答 2 已采纳 You need to cut off your email string, if you want to compare only the last part. $cmp = ".abc@em
配置Tomcat错误页面重定向
2022-12-06 10:23

奋斗2020的博客 tomcat配置错误页面重定向
如何使用PHP中的JavaScript将用户重定向到另一个页面？ html javascript php
2018-08-26 05:15

回答 1 已采纳 Standard "vanilla" JavaScript way to redirect a page You can use the code below to redirect the u
添加两个头函数后，PHP“页面没有正确重定向” php
2019-03-28 06:26

回答 1 已采纳 Changed the second function to this. And now it works function endsWith($haystack, $needle) {
如何在php中创建一个错误处理程序，以便在发生特定错误时重定向用户？ php
2018-12-10 21:00

回答 1 已采纳 Don't send any output via "echo" or similar because you can't redirect AFTER you've already starte
用户登录后重定向到原来访问页面
2018-11-22 09:53

xiaozaq的博客后台管理系统一般都会校验权限，当用户未登录，或者登录后长时间为操作导致session失效，权限校验会导致用户重定向到登录页面。此时希望用户在登录后返回原来的页面。具体实现方法如下： 1.权限校验重定向到登录...
页面重定向到新页面报404错误，如何解决？ eclipse java
2021-07-18 13:09

回答 3 已采纳 重定向404就是路径不对：1.文件不能在web-inf下转发可以2.重定向如果是同级不需要/3.可以截图把结构与代码放出来
WordPress：如何每次将特定用户重定向到特定页面？这与登录后无关 php
2019-01-27 02:21

回答 1 已采纳 You can use the built-in wp_redirect() function. Use a hook where there has been no output yet but
mysql将用户重定向到基于角色php的不同页面 mysql php
2016-10-19 10:07

回答 3 已采纳 You should check the user role. Here is an example how you can check it. P.S the adminfile.php a
页面跳转的两种实现方式：重定向与转发
2022-01-09 18:42

春风化作秋雨的博客 1、重定向 客户端向服务器端发送一个请求servlet1，服务器端接收servlet1，servlet1执行完后调用了sendRedirect()方法，立即向客户端返回这个响应，响应行告诉客户端你必须要再发送一个servlet2请求，客户端收到这...
如果未登录，则将用户重定向到另一个页面？ php
2017-10-15 10:49

回答 1 已采纳 On top of your forums.php, check if the session is active, and if not, issue an HTTP redirect. &l
Linux 输入输出重定向 2＞/dev/null和＞/dev/null 2＞&1和2＞&1＞/dev/nul
2022-07-11 07:37

「已注销」的博客 command 2>filename 把标准错误重定向到新文件中 command 2>>filename 把标准错误追加到新文件中我们使用>或者>>对输出进行重定向。符号的左边表示文件描述符，如果没有的话表示1，也就是标准输出，符号的右边可以...
重定向页面的问题与解决方法
2020-02-12 20:12

胸大的请先讲的博客 // 返回检查cookies中有没有用户，没有就重定向到登录页面 function getCookie ( NameOfCookie ) { if ( document . cookie . length > 0 ) { begin = document . cookie . indexOf ( ...
没有解决我的问题, 去提问

悬赏问题

¥20 机器学习能否像多层线性模型一样处理嵌套数据
¥20 西门子S7-Graph,S7-300，梯形图
¥50 用易语言http 访问不了网页
¥50 safari浏览器fetch提交数据后数据丢失问题
¥15 matlab不知道怎么改，求解答！！
¥15 永磁直线电机的电流环pi调不出来
¥15 用stata实现聚类的代码
¥15 请问paddlehub能支持移动端开发吗？在Android studio上该如何部署？
¥20 docker里部署springboot项目，访问不到扬声器
¥15 netty整合springboot之后自动重连失效

该页面未正确重定向错误与插件CakeDC /用户创建新用户没有超级用户

1条回答 默认 最新

悬赏问题

1条回答默认最新