Duh... I posted to soon, this is the function:
--------------------
function _getAllowedIds ($model, $access_type) {
//this function returns a comma delimited string of id's that the
logged in user has access to in the model given.
$aro = new Aro();
// Get the username. It may be better to pass this to the
function
$user = $this->Session->read('User');
$aroAlias = 'User::'.$user['id'];
$aroNode = $this->Acl->Aro->node($aroAlias);
$permission = new Permission();
//loop from branches of aro tree to top
for ($i = 0; $i < count($aroNode) -1; $i++) {
$temp[] = $permission->findAllByAro_id($aroNode[$i]['Aro']
['id']);
}
$Aco = new Aco();
$acos = array();
// Iterate through the links. The temp array (containing
// permission entries) is sorted by aro, and leaves comes before
// their parrents
foreach ($temp as $tempAro) {
// Iterate through each Aco attached the the current Aro
foreach ($tempAro as $tempLink) {
if (preg_match ("/^".$model."::\d+$/", $tempLink['Aco']['alias']))
{
//the following contruction assures that permissions are
//taken from the bottoms-most aro in the aro tree. I.e. if a
//user belongs to a group, the group has access to a file
//but the user does not, the user should not have
//access. First time we arrive here, the permission for a
//given aco is set to whatever it is for the bottom-most
//aro. Second time we arrive the permission is only changed
//if permission has not been specified in the first place.
if (array_key_exists($tempLink['Aco']['alias'], $acos)) {
switch($acos[$tempLink['Aco']['alias']]) {
case -1:
$acos[$tempLink['Aco']['alias']] = -1;
break;
case 0:
$acos[$tempLink['Aco']['alias']] = $tempLink['Permission']['_'.
$access_type];
break;
case 1:
$acos[$tempLink['Aco']['alias']] = 1;
break;
}
} else {
$acos[$tempLink['Aco']['alias']] = $tempLink['Permission']['_'.
$access_type];
}
}
}
// the acl model in this application is contructed such that
Picture::id (or Text::id etc.) acos do not have children.
// this means that there is no reason to find children on the
acos in this loop
}
//extract the id's
$acos_out = array();
foreach ($acos as $key => $aco) {
if ($aco == 1) {
array_push($acos_out,preg_replace("/^".$model."::(\d+)/", "$1",
$key));
}
}
//create a comma delimited string of id's
$string = implode(",", $acos_out);
return $string;
}
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
