I assume you're expecting edit to correspond to the "update" field? I
was fairly certain Cake would interpret edit as an equivalent for
update, but try changing the ACO call from /users/edit to /users/
update and see if that works.
- James
On Jul 10, 5:12 am, Mattijs <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Searched for a similar post but none seem to mention my problem.
>
> The ACO is as follows:
>
> [1] Users
> ---- [2] dashboard
>
> I have granted the group 'employees' permission to [2] directly. I
> have granted the group 'admin' permission to [1]. Since the the admin
> group is parent of employees both are getting access to /users/
> dashboard/.
>
> The problem is when trying to access /users/edit/; both employees and
> admin's are getting $this->Acl->check = false.
>
> I've narrowed the problem down to the following part of the query
> selecting permissions: WHERE `Permission`.`aro_id` = 2 AND
> `Permission`.`aco_id` = (''). The ACO id from the users entry is
> ignored!
>
> When looking at the code constructing the query I find:
>
> if (
> !isset($result[0][$type]) ||
> (!empty($path) && $result[0][$type]['alias'] != $path[count($path) -
> 1]) ||
> (empty($path) && $result[0][$type]['alias'] != $start)
> ) {
> return false;
>
> }
>
> As such, my ACO is ignored because the alias "Users" isn't equal to
> $path[0], which is "edit".
>
> Changing the 2nd "||" to "&&" solves the problem entirely. I am
> wondering wether I am doing something wrong or if I've found a glitch
> in the db_acl code.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
