Hi all, I am working on implementing RBAC using ACL. I am really close but I am getting an error and I am hoping you can shed some light on it. I have pasted my entire ACO and ARO trees below for reference.
When I run the following using the Cake console it works as expected: [swright@swright-dev app]$ cake acl check Group.4 controllers/ Solidcores "*" Group.4 is allowed. *************************************************************************************************** However if I do this in my AppController::beforeFilter(): var_dump('Acl Check Result', $this->Acl->check( 'Group.' . $this->Session->read('Auth.User.group_id'), 'controllers/' . $this->name, "*" ) ); *************************************************************************************************** I get the following output in my browser: Warning (512): DbAcl::check() - Failed ARO/ACO node lookup in permissions check. Node references: Aro: Group.4 Aco: controllers/Solidcores [CORE/cake/libs/controller/components/ acl.php, line 273] string 'Acl Check Result' (length=16) boolean false *************************************************************************************************** Shouldn't I get the same result? *************************************************************************************************** ARO and ACO Tree dumps [swright@swright-dev app]$ cake acl view aro Aro tree: --------------------------------------------------------------- [1] Group.4 [4] User.4 [7] User.7 [2] Group.5 [5] User.5 [3] Group.6 [6] User.6 --------------------------------------------------------------- [swright@swright-dev app]$ cake acl view aco Aco tree: --------------------------------------------------------------- [1] controllers [2] Pages [3] display [4] add [5] edit [6] index [7] view [8] delete [9] AnalystUi [10] index [11] add [12] edit [13] view [14] delete [15] ThreatCenter [16] index [17] add [18] edit [19] view [20] delete [21] GtiData [22] index [23] add [24] edit [25] view [26] delete [27] PocDemos [28] index [29] add [30] edit [31] view [32] delete [33] Projects [34] index [35] add [36] edit [37] view [38] delete [39] Products [40] index [41] add [42] edit [43] view [44] delete [45] Users [46] login [47] logout [48] index [49] view [50] add [51] edit [52] delete [53] Wam [54] index [55] add [56] edit [57] view [58] delete [59] Solidcores [60] index [61] processed_count [62] performance [63] add [64] edit [65] view [66] delete [67] ThreatVectors [68] index [69] add [70] edit [71] view [72] delete [73] Botnets [74] index [75] add [76] edit [77] view [78] delete [79] Tests [80] index [81] add [82] edit [83] view [84] delete [85] Groups [86] index [87] view [88] add [89] edit [90] delete [91] Main [92] index [93] add [94] edit [95] view [96] delete [97] GtiApi [98] index [99] add [100] edit [101] view [102] delete [103] Resources [104] index [105] add [106] edit [107] view [108] delete [109] Environments [110] index [111] add [112] edit [113] view [114] delete [115] Operations [116] index [117] add [118] edit [119] view [120] delete [121] Reports [122] index [123] add [124] edit [125] view [126] delete [127] GtiSdk [128] index [129] add [130] edit [131] view [132] delete -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php