I'm not an expert in this. This is my understanding. How the 4 action settings are used depends on the type of authorization mode you are using. If you select the CRUD mode Auth->authorize = 'crud', then the full functionality of the aros_acos table will be utilized, so that access will be granted to an action only if the column for that action is set to a value of ‘1’. So for this situation, you can have a mixture of "1" and "0" for the 4 action column.
But if you set Auth->authorize = 'actions' or Auth->authorize = 'controller', then the 4 settings are used differently. For example, I use Auth->authorize = 'actions'; then in the aros_acos table for a particular action, I have to set all 4 settings to "1" to allow access permission to that action or set to "0" to deny access. If any one of the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the entire node. Which is what you brought up as true and false setting. So if you want it to be true, set all 4 columns to "1", or if you want it to be false, set all to "0" (or at least one column to "0"). Not sure if that helps or not. If my understanding is incorrect, hopefully some experts will help explain it better. Cheers, Steve On Feb 20, 6:42 am, Joshua <[email protected]> wrote: > Thanks for your reply! > So what's meaning of these four actions, like > _update,_create,_read,_delete in table aros_acos? > We say an user has the read rights of an action post? > In my opinion, there should be only two status, true or false instead > of these four actions. If true, we can say an user has the right of > post action. If false, an user has no rights to the action. > ? > > On Feb 20, 10:09 pm, James Louie Puro <[email protected]> > wrote: > > > I think not...while AROs are elements trying to gain access to a protected > > system like users and groups, ACOs are elements (actions) that are being > > protected. > > > so you can add acos (action) in your controller just like function index, > > view...etc > > and assign AROs to it. > > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua <[email protected]> wrote: > > > > Is there anybody can help me? > > > > On Feb 20, 8:22 pm, Joshua <[email protected]> wrote: > > > > Hi, > > > > I try to add ACL to my application, but when I take a look at the > > > > table 'aros_acos', it seems there is only four actions in the table. > > > > Did it mean that we can only use four actions in our applications? > > > > Is there any body can explain this? Many thanks! > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
