Thanks for your reply, Your description would enable people to work; however, if I have understood correctly, it relies on specifying permissions for individual users to override group permissions. This rather seems to me to then lose a lot of the advantage of using ACL.
My original question was posing a possible solution (or possibly a harebrained idea, I don't understand the underlying specifics enough) which would 'trick' the group mechanism by returning different parentIDs depending on what was most relevant at a particular time. Benjamin PS: I am also following http://groups.google.com/group/cake-php/browse_thread/thread/62178b38e2466286, which is obviously along similar lines. On Feb 12, 1:27 am, aranworld <[EMAIL PROTECTED]> wrote: > Sorry, I posted that too early. Let me try again: > > When Auth checks the Acl tables to give permission, it is using an > Alias based on the Controller/action pair -- if you are using Auth > under 'actions' mode. > > Under 'crud' mode, it checks for an alias using just the Controller > name. > > Thus, for each forum, you are going to be required to create unique > Controller/action strings. For example, for the part where people > talk about cars, your aliases might look like this: > > CarEnthusiastForum > -- add > -- edit > -- delete > -- index > > For the Television forum > > TVFansForum > -- add > -- edit > -- delete > -- index > > With such a setup, it then becomes quite easy to just give the admin > of the Car Forum all permissions to the CarEnthusiastForum controller, > but only give him member permissions on the TVFansForum controller. > > Obviously you might have a more complex set of controllers > ( CarForumPosts, CarForumTopics etc... ), but the basic idea is that > each forum is going to have to have a unique set of controllers for > this to work. > > On Feb 11, 3:15 pm, aranworld <[EMAIL PROTECTED]> wrote: > > > When Auth checks the Acl tables to give permission, it is using an > > Alias based on the Controller/action pair. > > > Thus, for each forum, you are going to be required to create unique > > Controller/action strings. For example, for the part where people > > talk about cars, your aliases might look like this: > > > CarEnthusiastForum > > add > > CarEnthusiastForum/edit > > CarEnthusiastForum/delete > > CarEnthusiastForum/index > > > On Feb 11, 6:18 am, boyracerr <[EMAIL PROTECTED]> wrote: > > > > Hello to all, > > > > I am keen to use ACL in my application. However, the requirement that > > > users only be in one group seems to me to be a massive obstacle. > > > > As an example, imagine there is a bulletin board application with many > > > forums. Each forum will have members, moderators and administrators. > > > An administrator in one group may be only a member of another group > > > and so on. > > > > I thought up a possible solution to the above, and I would appreciate > > > comments. As I understand it, tree navigation (and thus cascading > > > permissions) is implemented using the parentID() function, implemented > > > in the relevant model. > > > > Would it be possible to write the parentID() function such that it > > > returned a different parentID depending on the current location in the > > > site. > > > > For example: > > > > User visits Forum1. He is only a member of this forum. parentID() > > > knows that he is visiting that particular forum, and thus returns > > > Forum1.members as the relevant parent group. > > > > User visits Forum2. He is an administrator of this forum. parentID(), > > > based on the forum being viewed, returns Forum2.admins as the relevant > > > parent group. > > > > Comments on the above? Would it work? Would it solve this problem? > > > > Thanks, > > > Benjamin --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
