I have been trying to use the Acl->deny() function (with database stored ACL) to remove a user's access to certain actions in my application. However deny() appears to "allow" rather than "deny" access.
After about an hour of fiddling and reviewing log output I manually changed all permissions fields in the user's ArosAco records from 1 to 0 When I tried to access the denied pages I was blocked (as expected). Then I ran my Acl->deny() code again and checked the database. The permissions fields in the user's records had been switched back to 1. exact code being executed: $this->Acl->deny('[EMAIL PROTECTED]', 'subscription_1'); $this->Acl->deny('[EMAIL PROTECTED]', 'subscription_2'); This is based on the example code from the manual: $this->Acl->deny('Abraham Lincoln', 'United States Army'); Is this known behavior, or is it a bug? Or am I missing something ... I have had a look through the ACL code, but can't see why the deny wouldn't work. Any feedback would be much appreciated. Regards, Langdon --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---