From 8603509e30ec505ec666797a1ae2c16ea7338ab2 Mon Sep 17 00:00:00 2001
From: mikl <>
Date: Mon, 5 May 2008 13:02:01 +0000
Subject: Fixed flaw in blog-tutorial's authentication rules.

---
 .../protected/pages/Day3/CreateAdminUser.page              | 14 --------------
 1 file changed, 14 deletions(-)

(limited to 'demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page')

diff --git a/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page b/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
index a91895a9..a278fa69 100644
--- a/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
+++ b/demos/blog-tutorial/protected/pages/Day3/CreateAdminUser.page
@@ -127,20 +127,6 @@ All <a href="http://www.pradosoft.com/docs/classdoc/TDataBoundControl">data-boun
 </com:TipBox>
 
 
-<h2>Adding Permission Check</h2>
-<p>
-Since <tt>AdminUser</tt> should only be accessible by administrators, we need to adjust the page configuration file <tt>protected/pages/users/config.xml</tt> accordingly.
-</p>
-<com:TTextHighlighter CssClass="source" Language="xml">
-<?xml version="1.0" encoding="utf-8"?>
-<configuration>
-  <authorization>
-    <allow pages="NewUser,AdminUser" roles="admin" />
-    <deny users="?" />
-  </authorization>
-</configuration>
-</com:TTextHighlighter>
-
 <h2>Testing</h2>
 <p>
 To test the <tt>AdminUser</tt> page, visit the URL <tt>http://hostname/blog/index.php?page=users.AdminUser</tt>. You may be required to login as an administrator first if you have not done so. We shall expect to see the following result.
-- 
cgit v1.2.3