CakePHP/MVC Admin functions placement

Question

This is a question more for opinions rather than for a solution to a specific problem.

I am working with CakePHP for the first time and am working on the admin part of the site now.

Where do you, as an MVC or CakePHP developer like to put your admin functions?

Initially I was putting them in an AdminController, but have since changed to putting the functions in a controller that is meant for the type of data being manipulated. For example, I put the user listings/editing in the UserController.

To me this makes more sense since there is likely to be functionality in the UserController that may be useful.

If you leave a response, could you please leave a few words saying why? Perhaps it is a moot point.

take care, lee

-- Edit

if ($this->Auth->user('user_type') == 1){//double-check the user is Admin
            $this->Auth->allow('display');
            $this->Auth->allow('watch');

joshua.paling · Accepted Answer · 2012-07-04T09:11:06.793

I don't think it's a moot point. Put the admin functions in their respective controllers (ie, not all together in one 'admin' controller), and use 'admin' prefix routing, built into Cake, to keep them secure. This is the CakePHP sanctioned way to do it, and CakePHP allows you to create admin functions in this way via the Bake console.

You can protect all controller functions prefixed by admin_ with a few simple lines of code in your AppController, and all admin functions can be accessed via tidy, consistent URLs like this: http://www.example.com/admin/my_controller/my_function

This should get you started: http://book.cakephp.org/2.0/en/development/routing.html#prefix-routing

Let me know if you need more help and I'll update my answer with more info.

EDIT: More info...

Here's some steps to set up admin routing:

1/ in app/Config/core.php, around line 113, make sure this line exists and is uncommented:

    Configure::write('Routing.prefixes', array('admin'));

2/ In app/Controller/AppController.php (ie, the controller superclass), test for admin routing in your beforeFilter method. Do NOT do this in the beforeFilter of each controller - that is not in tune with DRY principles. Here's my before filter method as an example:

function beforeFilter() {
    if (isset($this->request->params['admin'])) {
            // the user has accessed an admin function, so handle it accordingly.
        $this->layout = 'admin';
        $this->Auth->loginRedirect = array('controller'=>'users','action'=>'index');
        $this->Auth->allow('login');
    } else {
            // the user has accessed a NON-admin function, so handle it accordingly.
        $this->Auth->allow();

    }
}

3/ Prefix all your admin functions with admin_ and they should automatically be available via prefix routing.

eg.

function admin_dostuff () { echo 'hi from the admin function'; } // This will be available via http://www.example.com/admin/my_controller/dostuff

function dostuff () { echo 'hi from the NON-admin function'; } // This will be available via http://www.example.com/my_controller/dostuff

Once you've got that set up, all you need to do is prefix admin functions with admin_, and Cake will handle it all for you. Make sense?

EDIT 2:

Here's some quickly-written example code that should help your situation.

function beforeFilter() {
    if (isset($this->request->params['admin'])) {
        // the user has accessed an admin_ function, so check if they are an admin.
        if ($this->Auth->user('user_type') == 1){
            // an Admin user has accessed an admin function. We can always allow that.
            $this->Auth->allow();
        } else {
            // A non-admin user has accessed an admin function, so we shouldn't allow it.
            // Here you can redirect them, or give an error message, or something
        }
    } else {
        // the user has accessed a NON-admin function, so handle it however you want.
        $this->Auth->allow(); // this example gives public access to all non-admin functions.
    }
}

Hello. Thanks. CakePHP is big and things like this seem to be something you either have to be told about or stumble across. I'm not sure what the advantage of prefixing would have over my current system; Right now, I have an admin user type and test for it at the beginning in the BeforeFilter() of each Controller that has admin functions. It seems that even with the prefixing, I would still need to do the same check. The only difference would be the 'admin' addition to both the URL and the function name. - lee — Lee Loftiss, Jul 04 '12 at 07:50
Totally know what you mean about the stumble across / told about situation. Cake's a bit of a steep learning curve, but well worth it. I've updated my answer with more info. Let me know if you need any more help. — joshua.paling, Jul 04 '12 at 08:09
Hello. Thanks for your continued help. From your example, it seems all you are doing is redirecting someone to log in if they try to access an admin area. In my system, the user is already logged in and the system knows they are an admin user. Right now, in each controller that has admin functions, it checks in the BeforeFilter() to see if there should be an Auth->allow(). Is there some way to make a broad allow for all functions that begin with 'admin_' if the the user is admin? — Lee Loftiss, Jul 04 '12 at 08:21
Can you paste some example code from your before filter in your original question? — joshua.paling, Jul 04 '12 at 08:24
See Edit 2 in my answer. I wrote it pretty quickly, but I think it should work or set you on the right track. — joshua.paling, Jul 04 '12 at 09:12
Ah..that looks perfect. I should have been able to guess you could do a blanket Auth->Allow() like that. Thanks for all your help. Sorry I can only upVote once. — Lee Loftiss, Jul 04 '12 at 09:59

CakePHP/MVC Admin functions placement

1 Answers1

Linked