Custom users.php configuration not working

[DJAxel]

I'm having a hard time integrating the plugin into my existing CakePHP 4.2.5 application. I had my User model, the cakephp/authentication plugin and cakephp/authorization plugin already configured and working, and want to use CakeDC/users for the RBAC capabilities.

TL;DR Read the four questions at the very end.

Problem description As I understand from the installation docs, the plugin should be loaded and then a custom configuration file (config/users.php) can be set. The configuration docs mention that the "configuration setting must be set before loading the Users plugin". Either order did not work for me.

I copied the contents from /vendor/cakedc/users/config/users.php into a new file /config/users.php and changed the table and model classes accordingly:

$config = [
    'Users' => [
        // Table used to manage users
        'table' => 'Users',
        // Controller used to manage users plugin features & actions
        'controller' => 'Users',

        // more config stuff...
    ]
];

When trying to load my /users/ route, the Authorization plugin gives an exception because no authorization check was done in the given action. I did use $this->Authorization->skipAuthorization() in my own UsersController, so I believe CakeDC/Users is still using it's own controller. I unloaded the Authorization plugin and then the Authentication plugin (since I believe CakeDC already uses them under the hood), but that just results into a redirect from /users/ to the root folder of my server (one folder above my CakePHP application root folder).

Questions

Given the above, I have the following concrete questions which I think the documentation should be clear about:

• Does the order of loading the plugin and setting the configuration matter, and if so: what is the correct order?
• Why does CakeDC/Users still use it's own UsersController class after configuring my own?
• Do I need to configure the Authentication and Authorization plugins myself, or will CakeDC/Users do this under the hood for me?
• What could be causing the redirect from /[app_root]/users to /?

[DJAxel]

Nobody knows the answer to this?

[steinkel]

Hi @DJAxel please post here or gist your current configuration (excluding secrets) to see if you have an issue loading the plugin.

About your questions

• Does the order of loading the plugin and setting the configuration matter, and if so: what is the correct order? https://github.com/CakeDC/users/blob/master/Docs/Documentation/Configuration.md#overriding-the-default-configuration the right way to ensure everything is correctly setup is

// The following configuration setting must be set before loading the Users plugin
Configure::write('Users.config', ['users']);
Plugin::load('CakeDC/Users', ['routes' => true, 'bootstrap' => true]);

Then you can override specific items in your Application::pluginBootstrap function, after the plugin is configured.

• Why does CakeDC/Users still use it's own UsersController class after configuring my own?

Your configuration is possibly not being loaded.

• Do I need to configure the Authentication and Authorization plugins myself, or will CakeDC/Users do this under the hood for me?

The plugin uses Authentication and Authorization and provides a default configuration for them, you are free to change/override this configuration, or tell the plugin NOT to load them and load them by yourself.

• What could be causing the redirect from /[app_root]/users to /

/users/ will route to UsersController::index by default, unless you create a specific route. Redirect is caused either when you are not authenticated and your login url is / or when you ARE authenticated but you are not allowed to access the action, in this case check your logs and you'll see traces about the RBAC rules failed.

If you want to review an existing project using a custom controller, check this one https://github.com/CakeDC/users-example/tree/develop-extend-plugin (note it's a bit old, but the same concepts)