I was able to get Auth and Acl in 1.2 working pretty quickly following
the articles on Bakery / Lemoncake / @TheKeyboard. AROs and ACOs are
automatically created and even the relation in aros_acos is created.
Everything works great, except that users can edit both *their own* records
and *other users'* records.
The only solution I've come up with so far is to add an ACL check to the
controller beforeFilter(). It seems like there should be a simpler
way.
/**
 * Controller callback executed before the requested action.
 *
 * Order matters: the Auth component is configured first, and only then
 * is the per-record ACL check run, because that check reads
 * $this->Auth->actionMap and may call $this->Auth->allow().
 */
function beforeFilter()
{
    // 1. Login URLs, authorize mode and the public-controller whitelist.
    $this->__setupAuth();

    // 2. Record-level ACL lookup for the current user and requested record.
    $this->__recordCheck();
}
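/**
 * Record-level ACL gate, called from beforeFilter().
 *
 * Looks up whether the logged-in user (ARO: model User) may perform the
 * CRUD operation mapped to the current action on the requested record
 * (ACO: model Post, id taken from the first passed URL argument).
 *
 * The earlier version only acted on a positive result: a failed check
 * did nothing, so the request carried on to the controller-level 'crud'
 * authorization. That matches the reported symptom of users being able
 * to edit other users' records. A failed check now ends the request.
 *
 * NOTE(review): the ACO model is hard-coded to 'Post'; if this method
 * lives in a shared base controller it should be derived per controller.
 * NOTE(review): params['pass'][0] is assumed to be the record id for
 * every mapped action; confirm against the routes.
 *
 * @return void
 */
function __recordCheck()
{
    $userId = $this->getUserId();
    $recordId = isset($this->params['pass'][0]) ? $this->params['pass'][0] : false;
    $crudAction = isset($this->Auth->actionMap[$this->params['action']])
        ? $this->Auth->actionMap[$this->params['action']]
        : false;

    // Without a logged-in user, a record id and a mapped CRUD action there
    // is nothing to decide here; the Auth component handles the request.
    if (!$crudAction || !$recordId || !$userId) {
        return;
    }

    $access = $this->Acl->check(
        array('model' => 'User', 'foreign_key' => $userId),
        array('model' => 'Post', 'foreign_key' => $recordId),
        $crudAction
    );

    if ($access) {
        // Kept from the original. allow() without arguments opens every
        // action of this controller for the current request, not only the
        // one that was checked.
        $this->Auth->allow();
        return;
    }

    // Fail closed: the record-level check said no, so stop the request
    // here instead of letting the broader controller-level grant decide.
    $this->redirect($this->referer(), null, true);
}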
/**
 * Configures the Auth component for this controller.
 *
 * Sets the login action, the post-login redirect and 'crud' authorization.
 * Controllers named in $this->publicControllers have allow() called with
 * no arguments, which opens all of their actions to unauthenticated
 * visitors, so that list should stay as short as possible.
 *
 * Does nothing when the Auth component is not loaded.
 *
 * @return void
 */
function __setupAuth()
{
    if (!isset($this->Auth)) {
        return;
    }

    $this->Auth->loginAction = '/users/login';
    $this->Auth->loginRedirect = '/users/account';
    $this->Auth->authorize = 'crud';

    // low() lower-cases the controller name before the whitelist lookup.
    $controllerName = low($this->params['controller']);
    if (in_array($controllerName, $this->publicControllers)) {
        $this->Auth->allow();
    }
}