Fixed flaw in blog-tutorial's authentication rules.

author: mikl <> 2008-05-05 13:02:01 +0000
committer: mikl <> 2008-05-05 13:02:01 +0000
commit: 8603509e30ec505ec666797a1ae2c16ea7338ab2 (patch)
tree: 9a6544509c54fd93742e0d59fff0e4e870c9e088 /demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
parent: 6c51785e6ab1ae1589f71c4ec79f3b03aee6c824 (diff)
1 files changed, 0 insertions, 14 deletions
diff --git a/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page b/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
index a91895a9..a278fa69 100644
--- a/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
+++ b/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
@@ -127,20 +127,6 @@ All <a href="http://www.pradosoft.com/docs/classdoc/TDataBoundControl">data-boun
 </com:TipBox>
 
 
-<h2>Adding Permission Check</h2>
-<p>
-Since <tt>AdminUser</tt> should only be accessible by administrators, we need to adjust the page configuration file <tt>protected/pages/users/config.xml</tt> accordingly.
-</p>
-<com:TTextHighlighter CssClass="source" Language="xml">
-<?xml version="1.0" encoding="utf-8"?>
-<configuration>
-  <authorization>
-    <allow pages="NewUser,AdminUser" roles="admin" />
-    <deny users="?" />
-  </authorization>
-</configuration>
-</com:TTextHighlighter>
-
 <h2>Testing</h2>
 <p>
 To test the <tt>AdminUser</tt> page, visit the URL <tt>http://hostname/blog/index.php?page=users.AdminUser</tt>. You may be required to login as an administrator first if you have not done so. We shall expect to see the following result.
author	mikl <>	2008-05-05 13:02:01 +0000
committer	mikl <>	2008-05-05 13:02:01 +0000
commit	8603509e30ec505ec666797a1ae2c16ea7338ab2 (patch)
tree	9a6544509c54fd93742e0d59fff0e4e870c9e088 /demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
parent	6c51785e6ab1ae1589f71c4ec79f3b03aee6c824 (diff)