On Jun 27, 11:22 am, Josoroma <[EMAIL PROTECTED]> wrote: > Second, i want to know if: when I use $aro->setParent... this means > that the Aro inherits all the permission of his-her child group?
No -- children inherit from parents, just the way PHP classes do (i.e., "class Child extends Parent"). While it sounds counter- intuitive, Guests could be the top level, with Contributor a child of Guest, Publisher a child of Contributor, etc. I've set up my groups like this. I am using Auth/ACL in "actions" mode rather than CRUD mode, in which each controller has its own ACO and all actions in that controller are child ACOs of the controller's ACO. Then I grant access to specific group AROs based on that. The standard user has a limited set of access, then the supervisor-type group adds the controller/action ACOs that it needs. This is more or less something like this: create aro / users create aro users supervisors create aco / reports create aco reports index create aco reports edit create aco reports delete create aco reports view (...etc. You have to have an ACO for every controller/action pair.) // let the "users" group use just the non-destructive actions. grant users reports index grant users reports view // supervisors can do everything in reports. grant supervisors reports all --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
