Your actions need to be added to the ARO trees in the database if they
don't correspond to a default CRUD value (and like I just said, I
don't think that even works since there's a separate action field).
Try adding your actions to the database?
- James
On Jul 10, 9:53 am, Mattijs <[EMAIL PROTECTED]> wrote:
> You might indeed be right about this example (/users/edit/) so I tried
> to access /users/anotheraction/ and got the exact same results. So far
> I have been testing with my change of the code (replacing OR with AND)
> and the results I get so far seem to be correct;
>
> The function check is successfully requesting the ARO and ACO data from
> the database; it fails however in creating the list of acoIDs for the
> permission query.
>
> On 10 jul, 14:34, James K <[EMAIL PROTECTED]> wrote:
>
> > Actually, I've just double checked the API and I don't even know if
> > it'll accept a CRUD value as part of the ARO object. The check
> > function expects an ARO, an ACO and an action (*, add, update, edit,
> > delete, etc) as a separate parameter. You might want to try that as
> > well.
>
> > - James
>
> > On Jul 10, 8:32 am, James K <[EMAIL PROTECTED]> wrote:
>
> > > I assume you're expecting edit to correspond to the "update" field? I
> > > was fairly certain Cake would interpret edit as an equivalent for
> > > update, but try changing the ACO call from /users/edit to /users/
> > > update and see if that works.
>
> > > - James
>
> > > On Jul 10, 5:12 am, Mattijs <[EMAIL PROTECTED]> wrote:
>
> > > > Hi,
>
> > > > Searched for a similar post but none seem to mention my problem.
>
> > > > The ACO is as follows:
>
> > > > [1] Users
> > > > ---- [2] dashboard
>
> > > > I have granted the group 'employees' permission to [2] directly. I
> > > > > have granted the group 'admin' permission to [1]. Since the admin
> > > > group is parent of employees both are getting access to /users/
> > > > dashboard/.
>
> > > > The problem is when trying to access /users/edit/; both employees and
> > > > > admins are getting $this->Acl->check = false.
>
> > > > I've narrowed the problem down to the following part of the query
> > > > selecting permissions: WHERE `Permission`.`aro_id` = 2 AND
> > > > `Permission`.`aco_id` = (''). The ACO id from the users entry is
> > > > ignored!
>
> > > > When looking at the code constructing the query I find:
>
> > > > > if (
> > > > >     !isset($result[0][$type]) ||
> > > > >     (!empty($path) && $result[0][$type]['alias'] != $path[count($path) - 1]) ||
> > > > >     (empty($path) && $result[0][$type]['alias'] != $start)
> > > > > ) {
> > > > >     return false;
> > > > > }
>
> > > > As such, my ACO is ignored because the alias "Users" isn't equal to
> > > > $path[0], which is "edit".
>
> > > > Changing the 2nd "||" to "&&" solves the problem entirely. I am
> > > > > wondering whether I am doing something wrong or if I've found a glitch
> > > > in the db_acl code.
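
Added example, not part of the thread and not CakePHP's own code: it evaluates the condition quoted above next to the variant with the second `||` replaced by `&&`, to show what that change does to the alias check. The function names, the `'Aco'` type key and the sample cases are constructed for illustration.

```php
<?php
// Added illustration, not CakePHP's db_acl code. The two predicates copy the
// condition quoted in the thread; names and sample data are constructed.

// Original condition: true means the node lookup gives up and returns false.
function rejectsOriginal(array $result, string $type, array $path, string $start): bool
{
    return !isset($result[0][$type])
        || (!empty($path) && $result[0][$type]['alias'] != $path[count($path) - 1])
        || (empty($path) && $result[0][$type]['alias'] != $start);
}

// Same condition with the second "||" replaced by "&&". PHP parses it as
// A || (B && C); B needs a non-empty $path and C an empty one, so B && C is
// never true and only the isset() test remains.
function rejectsModified(array $result, string $type, array $path, string $start): bool
{
    return !isset($result[0][$type])
        || (!empty($path) && $result[0][$type]['alias'] != $path[count($path) - 1])
        && (empty($path) && $result[0][$type]['alias'] != $start);
}

// Constructed cases: [label, alias of the node in $result[0] (null = none), $path, $start]
$cases = [
    ['/users/edit, no "edit" ACO',  'Users',     ['edit'],      'Users'],
    ['/users/dashboard',            'dashboard', ['dashboard'], 'Users'],
    ['/users',                      'Users',     [],            'Users'],
    ['wrong root, empty path',      'Users',     [],            'Posts'],
    ['no node found',               null,        ['edit'],      'Users'],
];

printf("%-28s %-9s %s\n", 'case', 'original', 'modified');
foreach ($cases as [$label, $alias, $path, $start]) {
    $result = $alias === null ? [] : [['Aco' => ['alias' => $alias]]];
    printf(
        "%-28s %-9s %s\n",
        $label,
        rejectsOriginal($result, 'Aco', $path, $start) ? 'reject' : 'accept',
        rejectsModified($result, 'Aco', $path, $start) ? 'reject' : 'accept'
    );
}
```

In the first case the modified condition accepts the Users node for an action that has no ACO of its own, so whatever is granted on Users then applies to that action as well.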