It is important to note that the Authorization Component does not pass ID values when it automatically checks for access.
If this is the URL, and the user's ARO alias is 'frank': http://www.cakephp.org/users/edit/23 And you are using Auth in 'actions' mode, the Auth component makes the following call: $this->Acl->check('frank', 'Users/edit', '*'); If you are using Auth in 'crud' mode, the Auth component makes this call: $this->Acl->check('frank', 'Users', 'update'); Notice how the id is not passed. So if you have created an ACO node that is bound to User::23, and you have given update permission to that node to user frank, Auth will NOT automatically check that level of access. Instead you have to add this level of control into your application manually. Also, note that Auth is just using aliases here. On Apr 9, 4:01 am, "Dardo Sordi Bogado" <[EMAIL PROTECTED]> wrote: > > How do you do $this->Acl->check(...) from the View? > > I don't. That isn't view business. Probably you need to put that logic > in a component + helper to keep the MVC fairy happy. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
