AuthComponent: Difference between allowedActions and allow()?

Asked 24/4, 2010 at 16:53 Answered 28/12, 2012 at 4:40

What is the difference between using AuthComponent::allowedActions and AuthComponent::allow? When I Google, I see the majority of examples and documents using or talking about allow(), but only a few using allowedActions. But they both seem similar in usage.

Capable answered 24/4, 2010 at 16:53 Comment(0)

allowedActions is a property that contains a list of allowed actions.

allow() is a method that adds actions to the allowedActions property.

When you call the allow() method, it will merge the actions you specify with the actions already kept in allowedActions.

You can bypass the allow() method and assign an array of allowed actions to the allowedActions property directly, but I would only do that if I absolutely had to override any actions previously added (for example, by a parent class) to this property. The official documentation makes no reference to the allowedActions property.

Paraesthesia answered 24/4, 2010 at 19:11 Comment(1)

+1 I just came across this today. I had reached the same conclusion by looking at the core. Thanks for the clarification. allowedActions is referenced in the CakePHP 1.3 Book. But the difference is still unclear. – Cyzicus 11/1, 2012 at 15:22

In 2.x use:

$this->Components->disable('Security');

Zoography answered 28/12, 2012 at 4:40 Comment(0)

Recommended topics

Hot tags