I have been trying to use the Acl->deny() function (with database stored
ACL) to remove a user's access to certain actions in my application.
However deny() appears to "allow" rather than "deny" access.
After about an hour of fiddling and reviewing log output I manually
changed all permissions fields in the user's ArosAco records from 1 to 0
When I tried to access the denied pages I was blocked (as expected).
Then I ran my Acl->deny() code again and checked the database. The
permissions fields in the user's records had been switched back to 1.
exact code being executed:
$this->Acl->deny('[EMAIL PROTECTED]', 'subscription_1');
$this->Acl->deny('[EMAIL PROTECTED]', 'subscription_2');
This is based on the example code from the manual:
$this->Acl->deny('Abraham Lincoln', 'United States Army');
Is this known behavior, or is it a bug? Or am I missing something ...
I have had a look through the ACL code, but can't see why the deny
wouldn't work.
Any feedback would be much appreciated.
Regards,
Langdon
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
