dqczgtem06898 2018-05-24 10:09

"The page isn't redirecting properly" (redirect loop) after login with the CakeDC/Users plugin when the newly created user is not a superuser

I did a fresh installation of CakePHP 3.6 and CakeDC/Users, following the docs. I created a custom UsersController.php under the admin prefix that uses the plugin's user-administration traits. After logging in as the superuser (created from the command line) I was able to create a new user with the "admin" role. I then logged out, logged in as the new user, and the browser shows "The page isn't redirecting properly" (a redirect loop). Social login is disabled.

/src/Config/bootstrap.php (note: CakePHP 3 loads application config from the top-level `config/` directory, not `src/Config/` — confirm these files are actually the ones being read)

...
// Role values stored on each user record. They must agree with the GROUP_* constants
// used in permissions.php and the admin UsersController (defined elsewhere — TODO confirm
// they resolve to these strings and not to numeric ids).
Configure::write('Users.roles', ['superuser', 'admin', 'user']);
// Presumably the list of app config files the plugin loads; only users.php is listed,
// permissions.php is not — verify how the authorizer picks up its rules file.
Configure::write('Users.config', ['users']);
Plugin::load('CakeDC/Users', ['routes' => true, 'bootstrap' => true]);
...

/src/Config/users.php

<?php

/**
 * Copyright 2010 - 2017, Cake Development Corporation (https://www.cakedc.com)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright Copyright 2010 - 2017, Cake Development Corporation (https://www.cakedc.com)
 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
use Cake\Core\Configure;
use Cake\Routing\Router;

$config = [
    'Users' => [
        // Table used to manage users
        'table' => 'CakeDC/Users.Users',
        // Controller used to manage users plugin features & actions
        'controller' => 'CakeDC/Users.Users',
        // configure Auth component
        'auth' => true,
        // Password Hasher — keep the framework default; never swap in a legacy hasher
        'passwordHasher' => '\Cake\Auth\DefaultPasswordHasher',
        // token expiration, 1 hour (applies to the e-mail validation / reset tokens)
        'Token' => ['expiration' => 3600],
        'Email' => [
            // determines if the user should include email
            'required' => true,
            // determines if registration workflow includes email validation
            'validate' => true,
        ],
        'Registration' => [
            // determines if the register is enabled
            'active' => false,
            // determines if the reCaptcha is enabled for registration
            // NOTE(review): contradicts reCaptcha.registration => false and the null
            // key/secret below; harmless while 'active' is false, resolve before
            // enabling self-registration.
            'reCaptcha' => true,
            // allow a logged in user to access the registration form
            'allowLoggedIn' => false,
            //ensure user is active (confirmed email) to reset his password
            'ensureActive' => false,
            // default role name used in registration
            'defaultRole' => 'user',
        ],
        'reCaptcha' => [
            // reCaptcha key goes here
            'key' => null,
            // reCaptcha secret
            'secret' => null,
            // use reCaptcha in registration
            'registration' => false,
            // use reCaptcha in login, valid values are false, true
            'login' => false,
        ],
        'Tos' => [
            // determines if the user should include tos accepted
            'required' => true,
        ],
        'Social' => [
            // enable social login
            'login' => false,
            // authenticator class used when social login is enabled
            'authenticator' => 'CakeDC/Users.Social',
        ],
        'GoogleAuthenticator' => [
            // enable Google Authenticator
            'login' => false,
            'issuer' => null,
            // The number of digits the resulting codes will be
            'digits' => 6,
            // The number of seconds a code will be valid
            'period' => 30,
            // The algorithm used
            'algorithm' => 'sha1',
            // QR-code provider (more on this later)
            'qrcodeprovider' => null,
            // Random Number Generator provider (more on this later)
            'rngprovider' => null
        ],
        'Profile' => [
            // Allow view other users profiles
            'viewOthers' => false,
            'route' => ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'profile'],
        ],
        'Key' => [
            'Session' => [
                // session key to store the social auth data
                'social' => 'Users.social',
                // userId key used in reset password workflow
                'resetPasswordUserId' => 'Users.resetPasswordUserId',
            ],
            // form key to store the social auth data
            'Form' => [
                'social' => 'social'
            ],
            'Data' => [
                // data key to store the users email
                'email' => 'email',
                // data key to store email coming from social networks
                'socialEmail' => 'info.email',
                // data key to check if the remember me option is enabled
                'rememberMe' => 'remember_me',
            ],
        ],
        // Avatar placeholder
        'Avatar' => ['placeholder' => 'CakeDC/Users.avatar_placeholder.png'],
        'RememberMe' => [
            // configure Remember Me component
            'active' => false,
            'checked' => true,
            'Cookie' => [
                'name' => 'remember_me',
                'Config' => [
                    'expires' => '1 month',
                    // NOTE(review): httpOnly is set but there is no 'secure' flag. If
                    // RememberMe is ever enabled, add 'secure' => true so this month-long
                    // login cookie is never sent over plain HTTP.
                    'httpOnly' => true,
                ]
            ]
        ],
    ],
    'GoogleAuthenticator' => [
        'verifyAction' => [
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'verify',
            'prefix' => false,
        ],
    ],
    // default configuration used to auto-load the Auth Component, override to change the way Auth works
    'Auth' => [
        'loginAction' => [
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'login',
            'prefix' => false
        ],
        // NOTE(review): every role is sent to an admin-prefixed page after login. A role
        // the RBAC rules do not admit to that prefix is denied there and bounced back —
        // a likely ingredient of the redirect loop described in the question.
        'loginRedirect' => [
            'prefix' => 'admin',
            'plugin' => 'Articles',
            'controller' => 'Articles',
            'action' => 'index'
        ],
        'authenticate' => [
            'all' => [
                'finder' => 'auth',
            ],
            // NOTE(review): ApiKey and RememberMe are both enabled although neither is
            // mentioned in the question; each authenticator is a separate way in, so
            // confirm they are needed and drop the ones that are not.
            'CakeDC/Auth.ApiKey',
            'CakeDC/Auth.RememberMe',
            'Form' => [
                'fields' => [
                    'username' => 'email'
                ]
            ],
        ],
        // Superuser is evaluated first; the question reports that setting is_superuser=1
        // in the database makes the login succeed, i.e. presumably that authorizer
        // short-circuits the SimpleRbac rules entirely.
        'authorize' => [
            'CakeDC/Auth.Superuser',
            'CakeDC/Auth.SimpleRbac',
        ],
    ],
    'OAuth' => [
        'path' => ['plugin' => 'CakeDC/Users', 'controller' => 'Users', 'action' => 'socialLogin', 'prefix' => null],
        // NOTE(review): all callback URIs below are built from Router::fullBaseUrl().
        // Make sure App.fullBaseUrl is pinned in app.php rather than derived from the
        // request Host header, otherwise these OAuth redirects can be steered — verify.
        'providers' => [
            'facebook' => [
                'className' => 'League\OAuth2\Client\Provider\Facebook',
                'options' => [
                    'graphApiVersion' => 'v2.8', //bio field was deprecated on >= v2.8
                    'redirectUri' => Router::fullBaseUrl() . '/auth/facebook',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/facebook',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/facebook',
                ]
            ],
            'twitter' => [
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/twitter',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/twitter',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/twitter',
                ]
            ],
            'linkedIn' => [
                'className' => 'League\OAuth2\Client\Provider\LinkedIn',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/linkedIn',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/linkedIn',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/linkedIn',
                ]
            ],
            'instagram' => [
                'className' => 'League\OAuth2\Client\Provider\Instagram',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/instagram',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/instagram',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/instagram',
                ]
            ],
            'google' => [
                'className' => 'League\OAuth2\Client\Provider\Google',
                'options' => [
                    'userFields' => ['url', 'aboutMe'],
                    'redirectUri' => Router::fullBaseUrl() . '/auth/google',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/google',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/google',
                ]
            ],
            'amazon' => [
                'className' => 'Luchianenco\OAuth2\Client\Provider\Amazon',
                'options' => [
                    'redirectUri' => Router::fullBaseUrl() . '/auth/amazon',
                    'linkSocialUri' => Router::fullBaseUrl() . '/link-social/amazon',
                    'callbackLinkSocialUri' => Router::fullBaseUrl() . '/callback-link-social/amazon',
                ]
            ],
        ],
    ]
];

return $config;

/src/Config/permissions.php

<?php

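return [
    // The authorizers configured in users.php are CakeDC/Auth.Superuser and
    // CakeDC/Auth.SimpleRbac, which read their rules from the 'CakeDC/Auth.permissions'
    // key (see the accepted answer). The original key, 'Users.SimpleRbac.permissions',
    // is the pre-CakeDC/Auth name: rules stored under it are never read, so SimpleRbac
    // found no matching rule and denied every non-superuser request.
    'CakeDC/Auth.permissions' => [
        // Superuser and admin roles may reach any prefix/plugin/controller/action.
        // GROUP_SUPER_ID / GROUP_ADMIN_ID are defined elsewhere in the app and must equal
        // the values stored in users.role (see Users.roles in bootstrap.php) — TODO confirm.
        [
            'role' => [GROUP_SUPER_ID, GROUP_ADMIN_ID],
            'prefix' => '*',
            'extension' => '*',
            'plugin' => '*',
            'controller' => '*',
            'action' => '*'
        ],
        // Self-service actions every authenticated role may use in the Users plugin.
        [
            'role' => '*',
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => ['profile', 'logout', 'linkSocial', 'callbackLinkSocial'],
        ],
        // A user may only reset their own Google Authenticator secret: the id in the
        // first route parameter must equal the id of the logged-in user.
        [
            'role' => '*',
            'plugin' => 'CakeDC/Users',
            'controller' => 'Users',
            'action' => 'resetGoogleAuthenticator',
            'allowed' => function (array $user, $role, \Cake\Http\ServerRequest $request) {
                $userId = \Cake\Utility\Hash::get($request->getAttribute('params'), 'pass.0');
                if (!empty($userId) && !empty($user)) {
                    // NOTE(review): strict comparison between a route string and the stored
                    // id; this only matches for string (e.g. UUID) primary keys — confirm
                    // the users.id column type.
                    return $userId === $user['id'];
                }

                // Deny by default when either side is missing.
                return false;
            }
        ],
        // All roles may render static pages.
        [
            'role' => '*',
            //'plugin' => null,
            'controller' => 'Pages',
            'action' => 'display',
        ]
    ]
];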

/src/Controllers/Admin/UsersController.php (note: CakePHP 3 expects `src/Controller/Admin/UsersController.php`, matching the `App\Controller\Admin` namespace below — verify the directory name)

<?php
namespace App\Controller\Admin;

use App\Controller\Admin\AppController;
use CakeDC\Users\Controller\Traits\ProfileTrait;
use CakeDC\Users\Controller\Traits\SimpleCrudTrait;
use CakeDC\Users\Model\Table\UsersTable;
use Cake\Utility\Inflector;

/**
 * Users Controller
 *
 *
 * @method \App\Model\Entity\User[]|\Cake\Datasource\ResultSetInterface paginate($object = null, array $settings = [])
 */
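class UsersController extends AppController
{
    use ProfileTrait;
    use SimpleCrudTrait {

        index as protected traitIndex;
        add as protected traitAdd;
        edit as protected traitEdit;
    }

    /**
     * Whether the currently authenticated user holds the superuser role.
     *
     * Loose comparison is kept on purpose: GROUP_SUPER_ID is defined elsewhere in the
     * app and its type (int vs string) is not visible here.
     *
     * @return bool
     */
    protected function isActingSuperuser()
    {
        $authUser = $this->Auth->user();

        return !empty($authUser) && $authUser['role'] == GROUP_SUPER_ID;
    }

    /**
     * ORM conditions that hide superuser records from a non-superuser admin.
     *
     * @return array Empty for a superuser, otherwise a `role !=` condition.
     */
    protected function visibilityConditions()
    {
        if ($this->isActingSuperuser()) {
            return [];
        }

        return ['role !=' => GROUP_SUPER_ID];
    }

    /**
     * Whether the acting user may hand out the given role.
     *
     * Only a superuser may create or promote another superuser; an 'admin' must not be
     * able to escalate to GROUP_SUPER_ID through the role field of the add/edit form.
     *
     * @param mixed $role Role value taken from the request.
     * @return bool
     */
    protected function roleAssignable($role)
    {
        return $this->isActingSuperuser() || $role != GROUP_SUPER_ID;
    }

    /**
     * Marshaller options for patching a user from request data.
     *
     * The question reports that setting is_superuser=1 in the database makes the
     * authorization pass, so that column is at least as powerful as the role; a
     * non-superuser must never be able to set it through the request body, whatever
     * the entity's own _accessible list says.
     *
     * @return array Options for Table::patchEntity().
     */
    protected function patchOptions()
    {
        if ($this->isActingSuperuser()) {
            return [];
        }

        return ['accessibleFields' => ['is_superuser' => false]];
    }

    /**
     * Paginated list of users; superuser accounts are hidden from non-superuser admins.
     *
     * @return void
     */
    public function index()
    {
        $table = $this->loadModel();
        $tableAlias = $table->getAlias();
        // The original passed the conditions array directly as the paginator settings,
        // where unknown keys are ignored by the ORM, so the superuser filter was
        // silently dropped. It has to travel under the 'conditions' key.
        $users = $this->paginate($table, ['conditions' => $this->visibilityConditions()]);
        $this->set($tableAlias, $users);
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
    }

    /**
     * Add method
     *
     * The role is taken from the request explicitly (as in the original) but is
     * refused when the acting user is not allowed to assign it.
     *
     * @return mixed Redirects on successful add, renders view otherwise.
     */
    public function add()
    {
        $table = $this->loadModel();
        $tableAlias = $table->getAlias();
        $entity = $table->newEntity();
        $this->set($tableAlias, $entity);
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
        if (!$this->request->is('post')) {
            return;
        }
        $singular = Inflector::singularize(Inflector::humanize($tableAlias));
        $role = $this->request->getData('role');
        if (!$this->roleAssignable($role)) {
            $this->Flash->error(__('You are not allowed to assign that role'));

            return;
        }
        $entity = $table->patchEntity($entity, $this->request->getData(), $this->patchOptions());
        $entity->role = $role;
        if ($table->save($entity)) {
            $this->Flash->success(__d('CakeDC/Users', 'The {0} has been saved', $singular));

            return $this->redirect(['action' => 'index']);
        }
        $this->Flash->error(__d('CakeDC/Users', 'The {0} could not be saved', $singular));
    }

    /**
     * Edit method
     *
     * A non-superuser cannot load a superuser record here: index already hides those
     * rows, so edit must not be reachable simply by guessing the id.
     *
     * @param string|null $id User id.
     * @return mixed Redirects on successful edit, renders view otherwise.
     * @throws \Cake\Datasource\Exception\RecordNotFoundException When the record is not found
     *   or is a superuser hidden from the acting user.
     */
    public function edit($id = null)
    {
        $table = $this->loadModel();
        $tableAlias = $table->getAlias();
        $options = ['contain' => []];
        $conditions = $this->visibilityConditions();
        if ($conditions) {
            $options['conditions'] = $conditions;
        }
        $entity = $table->get($id, $options);
        $this->set($tableAlias, $entity);
        $this->set('tableAlias', $tableAlias);
        $this->set('_serialize', [$tableAlias, 'tableAlias']);
        if (!$this->request->is(['patch', 'post', 'put'])) {
            return;
        }
        $singular = Inflector::singularize(Inflector::humanize($tableAlias));
        $role = $this->request->getData('role');
        if (!$this->roleAssignable($role)) {
            $this->Flash->error(__('You are not allowed to assign that role'));

            return;
        }
        $entity = $table->patchEntity($entity, $this->request->getData(), $this->patchOptions());
        $entity->role = $role;
        if ($table->save($entity)) {
            $this->Flash->success(__d('CakeDC/Users', 'The {0} has been saved', $singular));

            return $this->redirect(['action' => 'index']);
        }
        $this->Flash->error(__d('CakeDC/Users', 'The {0} could not be saved', $singular));
    }
}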

If I change the database directly and set the field "is_superuser" to "1", the new user can log in without the error — which suggests the superuser authorizer short-circuits whatever check is failing, rather than that the rules themselves are right. (Flipping is_superuser is not a fix: it gives that account unrestricted access.) But I can't find where the actual problem is.

Thanks.



  • douyan9417 2018-05-24 11:14

    Check debug.log (with debug enabled) to see how the rules are evaluated and where the request is denied. It looks like the logged-in user's role (dump $this->Auth->user() to see the actual value) does not match any of your defined rules, so SimpleRbac denies the target page and the Auth component redirects again — hence the loop.

    Also check that you are defining the permissions under the right key: with the CakeDC/Auth authorizers it is CakeDC/Auth.permissions, not Users.SimpleRbac.permissions — see https://github.com/CakeDC/users/blob/master/config/permissions.php#L53. Rules stored under the wrong key are never read, which denies everything except superusers (that is why setting is_superuser bypasses the problem).

    To narrow it down, I would temporarily modify the rule

    [
            'role' => [GROUP_SUPER_ID, GROUP_ADMIN_ID],
            'prefix' => '*',
            'extension' => '*',
            'plugin' => '*',
            'controller' => '*',
            'action' => '*'
        ],
    

    and change 'role' to '*', then dump the user and confirm the role value is what you expect. First verify you can reach the target page with this open rule, then tighten it back to exactly what you need — do not leave the wildcard role in place, it grants every authenticated account access to everything.

