Authentification checker loop
The Auth loop perform authorisation checks against the current user. This loop returns nothing if the authorization fails, or the loop contents if it succeeds.
You may check in the front office if an administrator is logged in, and perform specific functions in your front-office template (such as direct editing, for example).
{loop type="auth" name="the-loop-name" [argument="value"], [...]}Important informations :
* : argument is required
** : at least one of ** marked argument is required
Loop arguments
| Argument | Description |
|---|---|
| access |
A comma separated list of access, . If empty or missing, the authorization is checked against the roles only
Expected values :
|
| module |
A comma separated list of modules |
| resource |
A comma separated list of resources |
| role * |
A comma separated list of user roles example : role="ADMIN" or can be role="CUSTOMER" |
Loop outputs
| Variable | Description |
|---|
I want to check if current administrator is allowed tu use the back-office search function.
{loop type="auth" name="can_create" role="ADMIN" resource="admin.administrator" access="CREATE"}
<a title="{intl l='Create a new administrator'}" href="#administrator_create_dialog" data-toggle="modal">
<span class="glyphicon glyphicon-plus"></span>
</a>
{/loop}
The role is ADMIN, which mean that the current user should have the "ADMIN" role.
The permission is "admin.administrator", which is the identifier of the administrator permission.
According to the access attribute, the current user should have the CREATE permission.
I want to check if the customer is logged in, or not.
{loop type="auth" name="customer_info_block" role="CUSTOMER"}
<p>Your are logged in. <a href="{viewurl view='index' action='logoutCustomer'}">Logout</a></p>
{/loop}
{elseloop rel="customer_info_block"}
You are not logged in. <a href="{viewurl view='login'}">Login now</a> or <a href="{viewurl view='create_account'}">create your account</a>
{/elseloop}