Pass array('foreign_key' => $id, 'model' => 'Post') as the aco to check().
On Jan 9, 2008 11:48 AM, Andreas <[EMAIL PROTECTED]> wrote: > > Hi, > > bit new to ACL and having some problems when I want to check for > permissions before deleting a post using the ACL setup from > http://bakery.cakephp.org/articles/view/how-to-use-acl-in-1-2-x. Is it > possible to check permissions using the foreign_key if no alias is > present? > > In the Post/view action I have the following check: > > if(@$this->Acl->check('User::'.$this->Session- > >read('Auth.User.id'),'User::'.$post[0]['Post']['user_id'],'*')){ > $this->set('owner',true); > } else{ > $this->set('owner',false); > } > > if true a link is displayed in the view to the Post/delete action > which looks like this > > function delete($id = null) > { > if ($id == null) > { > // Error > exit; > } > if ($this->Acl->check('User::'.$this->Session- > >read('Auth.User.id'), $id, 'delete')) > { > $this->flash('allowed','/post/view/'.$id); > } > else { > $this->flash('denied','/post/view/'.$id); > } > } > the $id is the same as the foreign_key in the ACO table, the alias > column is blank for posts so how to I perform the check without an > alias? > > The code for saving a post looks like this > > if($this->Post->save($this->data)) > { > // ACL > $aroNode = array( > 'model' => 'User', > 'foreign_key' => $id > ); > $acoNode = array( > 'model' => 'Post', > 'foreign_key' => $this->Post- > >getLastInsertID(), > // 'alias' => 'Post::'.$this->Post- > >getLastInsertID() > ); > $this->Acl->allow($aroNode,$acoNode,'*'); > } > the out-commented line is my attempt to save an alias as well but it > didn't work... > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---