francky06l wrote: > Great articles, really good timing since I am investigating the ACL in > 1.2. > > I have seen in the db_acl.php a AcoAction object, but no idea to use > it. I want to use ACL to control the access to controller/action, > however the "actions" defined in the acos_aros table does not fit all > the needs. > I could create a ACO for an action that has the controller ACO has > parent, and then use it in allow / deny order. > > But what would be the best way to authorize all actions for a > controller, and deny only few for some Aro's (minimizing the numbers > of Aco ?) ? > > Thanks > > On Jul 13, 4:16 pm, Ketan Patel <[EMAIL PROTECTED]> wrote:
The case you are talking would suit some conditions which are not record specific. Like say in general index action of posts controller. You would create an Aco for Index action and check if the access is allowed or not. Take a look at Auth Component and take some concepts from there, like $actionMap and see if you could use Auth component or create one on your own. Map the actions to the CRUD actions and then depending on that you give the access. My article deals with record level access control which in turn can be applied to controller actions. Because each controller some way does interact with the records. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
