You can hack ACL.php to allow this. Make it return TRUE for ALLOW, FALSE for DENY, and '' (empty string) for "NOT SET".
This way code that is looking for a boolean will still detect the empty string as false. Having this option of "no permissions" allows you to have groups which don't specifically contradict other groups, combined with a "allow then deny" or "deny then allow" you can have the muliple groups interacting without the "no permissions" groups being read as a deny in your ACL setup admin UI. -Ben On May 15, 2:17 am, Misplacedme <[email protected]> wrote: > I'm needing a slightly tougher method of verifying a users access. > There will be 3 tables. > > Users (id,username, password) > Groups (id, group_name) > group_users (id, user_id, group_id) > > I'm assuming that the acos, aros, and acos_aros tables will be used as > well, or some variation of it. > > All access is restricted from the get-go. > Each group can be given access to actions, none will restrict. > Finally, the user will be able to have individual actions that can be > granted/restricted. > > Is this even possible, or do I need to work on my own little auth > system? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
