I have Views Caching set up on the index action of my controller using
class DiaryController extends AppController {
...
var $cacheAction = array('index' => "+56 hours");
function index($week = null) {
...
}
}
with the following options in app/config/core.php:
Configure::write('Cache.check', true);
...
Cache::config('default', array('engine' => 'File'));
The index action on the diary controller (and the rest of the site!) should only be accessible to authenticated users, using the AuthComponent with
class AppController extends Controller {
...
var $components = array('Auth', 'Security', 'Session','Cookie','RequestHandler');
function beforeFilter() {
$this->Auth->userModel = 'Admin';
...
}
...
}
I want to map the root of the site to my login form using
Router::connect('/', array('controller' => 'admin', 'action' => 'login'));
in app/config/routes.php. All appears to work okay, until I log out and then try to visit mytestsite.com/diary/index in the browser. I can still access the pages even though I am not logged in. I believe this is an issue with the caching because I can only access the urls which I have files for in app/tmp/cache/views. Changing the $week parameter for the index action to a value that I do not have a cache file for results in a You are not authorized to access that location. message.
The strange thing is that if I map the root of the site to the index action of the DiaryController, with
Router::connect('/', array('controller' => 'diary', 'action' => 'index'));
(again in app/config/routes.php) I don't have this problem.I cannot access the cached diary index views when I am not logged in.
Has anyone experienced this problem before? Can you suggest something I might have missed? Or do you know if this is a bug in the core files? I am using CakePHP 1.3.15.
