You might indeed be right about this example (/users/edit/) so I tried
to access /users/anotheraction/ and got the exact same results. So far
I have been testing with my change of the code (replacing OR with AND)
and the results I get so far seem to be correct.
The function check is successfully requesting the ARO and ACO data from
the database; it fails however in creating the list of acoIDs for the
permission query.
On 10 jul, 14:34, James K <[EMAIL PROTECTED]> wrote:
> Actually, I've just double checked the API and I don't even know if
> it'll accept a CRUD value as part of the ARO object. The check
> function expects an ARO, an ACO and an action (*, add, update, edit,
> delete, etc) as a separate parameter. You might want to try that as
> well.
>
> - James
>
> On Jul 10, 8:32 am, James K <[EMAIL PROTECTED]> wrote:
>
> > I assume you're expecting edit to correspond to the "update" field? I
> > was fairly certain Cake would interpret edit as an equivalent for
> > update, but try changing the ACO call from /users/edit to /users/
> > update and see if that works.
>
> > - James
>
> > On Jul 10, 5:12 am, Mattijs <[EMAIL PROTECTED]> wrote:
>
> > > Hi,
>
> > > Searched for a similar post but none seem to mention my problem.
>
> > > The ACO is as follows:
>
> > > [1] Users
> > > ---- [2] dashboard
>
> > > I have granted the group 'employees' permission to [2] directly. I
> > > have granted the group 'admin' permission to [1]. Since the admin
> > > group is parent of employees both are getting access to /users/
> > > dashboard/.
>
> > > The problem is when trying to access /users/edit/; both employees and
> > > admins are getting $this->Acl->check = false.
>
> > > I've narrowed the problem down to the following part of the query
> > > selecting permissions: WHERE `Permission`.`aro_id` = 2 AND
> > > `Permission`.`aco_id` = (''). The ACO id from the users entry is
> > > ignored!
>
> > > When looking at the code constructing the query I find:
>
> > > if (
> > >     !isset($result[0][$type]) ||
> > >     (!empty($path) && $result[0][$type]['alias'] != $path[count($path) - 1]) ||
> > >     (empty($path) && $result[0][$type]['alias'] != $start)
> > > ) {
> > >     return false;
> > > }
>
> > > As such, my ACO is ignored because the alias "Users" isn't equal to
> > > $path[0], which is "edit".
>
> > > Changing the 2nd "||" to "&&" solves the problem entirely. I am
> > > wondering whether I am doing something wrong or if I've found a glitch
> > > in the db_acl code.
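
The guard from the first post, run against a constructed copy of its ACO tree, as an added example that is not part of the thread or of CakePHP's db_acl code. The `matchChain` lookup, the `resolve` wrapper and the `Users/...` reference format are assumptions made for illustration; only the condition itself comes from the post.

```php
<?php
// Constructed ACO tree matching the post: [1] Users -> [2] dashboard.
$acos = [
    ['id' => 1, 'parent_id' => null, 'alias' => 'Users'],
    ['id' => 2, 'parent_id' => 1, 'alias' => 'dashboard'],
];
// Hypothetical lookup: match the reference segment by segment and return the
// matched nodes deepest first, stopping at the first segment with no node.
function matchChain(array $acos, array $segments): array
{
    $chain = [];
    $parent = null;
    foreach ($segments as $alias) {
        $hit = null;
        foreach ($acos as $node) {
            if ($node['parent_id'] === $parent && $node['alias'] === $alias) {
                $hit = $node;
            }
        }
        if ($hit === null) {
            break;
        }
        array_unshift($chain, ['Aco' => $hit]);
        $parent = $hit['id'];
    }
    return $chain;
}

// The guard quoted in the post; $relaxed swaps its second "||" for "&&".
function resolve(array $acos, string $ref, bool $relaxed)
{
    $path = explode('/', trim($ref, '/'));
    $start = array_shift($path);
    $result = matchChain($acos, array_merge([$start], $path));
    $alias = $result[0]['Aco']['alias'] ?? null;
    $missing = $alias === null;
    $leafMismatch = !empty($path) && $alias != $path[count($path) - 1];
    $rootMismatch = empty($path) && $alias != $start;
    $reject = $relaxed
        ? ($missing || ($leafMismatch && $rootMismatch))
        : ($missing || $leafMismatch || $rootMismatch);
    return $reject ? false : array_column(array_column($result, 'Aco'), 'id');
}
foreach (['Users/dashboard', 'Users/edit'] as $ref) {
    foreach (['||' => false, '&&' => true] as $op => $relaxed) {
        $ids = resolve($acos, $ref, $relaxed);
        echo $ref, ' ', $op, ' ', $ids === false ? 'false' : implode(',', $ids), "\n";
    }
}
```

With `&&`, the two path clauses cannot both hold (one requires an empty `$path`, the other a non-empty one), so only the `isset` test remains and an undefined child such as `edit` resolves to its nearest defined ancestor instead of failing the lookup.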