CakePHP custom ACL Authorization using acos, aros & aros_acos Acl tables with extension api_
I am developing an restful API using CakePHP, I am trying to implement a custom authorization which authorize user using ACL, code looks something like <?php App::uses('BaseAuthorize', 'Controller/Component/Auth'); class ApiAuthorize extends BaseAuthorize { public function authorize($user, CakeRequest $request) { $allowed = false; $Acl = $this->_Collection->load('Acl'); list($plugin, $userModel) = pluginSplit($this->settings['userModel']); $action = $this->action($request); $cacheName = 'permissions_' . strval($user['id']); if (($permissions = Cache::read($cacheName, 'permissions')) === false) { $permissions = array(); Cache::write($cacheName, $permissions, 'permissions'); } if (!isset($permissions[$action])) { $User = ClassRegistry::init($this->settings['userModel']); $User->id = $user['id']; $allowed = $Acl->check($User, $action); $permissions[$action] = $allowed; Cache::write($cacheName, $permissions, 'permissions'); $hit = false; } else { $allowed = $permissions[$action]; $hit = true; } return $allowed; } } I am using same database for website(developed using croogo) and API so my database already has `acos`, `aros` & `aros_acos` tables of website so for API I am created ACL tables with api_ extension like `api_acos`, `api_aros` & `api_aros_api_acos` New schema of my ACL tables are CREATE TABLE IF NOT EXISTS `api_acos` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `parent_id` int(10) DEFAULT NULL, `model` varchar(255) DEFAULT '', `foreign_key` int(10) unsigned DEFAULT NULL, `alias` varchar(255) DEFAULT '', `lft` int(10) DEFAULT NULL, `rght` int(10) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; CREATE TABLE IF NOT EXISTS `api_acos_api_aros` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `api_aro_id` int(10) unsigned NOT NULL, `api_aco_id` int(10) unsigned NOT NULL, `_create` char(2) NOT NULL DEFAULT '0', `_read` char(2) NOT NULL DEFAULT '0', `_update` char(2) NOT NULL DEFAULT '0', `_delete` char(2) NOT NULL DEFAULT '0', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; CREATE TABLE IF NOT EXISTS `api_aros` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `parent_id` int(10) DEFAULT NULL, `model` varchar(255) DEFAULT '', `foreign_key` int(10) unsigned DEFAULT NULL, `alias` varchar(255) DEFAULT '', `lft` int(10) DEFAULT NULL, `rght` int(10) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; I am using custom ACL class from here https://github.com/FriendsOfCake/Authorize/blob/master/Controller/Component/Acl/HabtmDbAcl.php My question is where and how can I use my new database tables (`api_acos`, `api_aros` & `api_aros_api_acos`) for ACL lookup? Please point me to code from where I can take reference for custom ACL Authorization implementation. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/d/optout.