Steve, thank you!
Yeah, I found this in cake source code
//code
/**
* Determines whether the given user is authorized to perform an
action. The type of
* authorization used is based on the value of AuthComponent::
$authorize or the
* passed $type param.
*
* Types:
* 'controller' will validate against Controller::isAuthorized() if
controller instance is
* passed in $object
* 'actions' will validate Controller::action against an
AclComponent::check()
* 'crud' will validate mapActions against an AclComponent::check()
* array('model'=> 'name'); will validate mapActions against model
* $name::isAuthorized(user, controller, mapAction)
* 'object' will validate Controller::action against
* object::isAuthorized(user, controller, action)
*
* @param string $type Type of authorization
* @param mixed $object object, model object, or model name
* @param mixed $user The user to check the authorization of
* @return boolean True if $user is authorized, otherwise false
* @access public
*/
function isAuthorized($type = null, $object = null, $user = null) {
//code end
There is another question, if _create action was setted -1 and others
were setted 1. What will happen?
Hope somebody can help! :-)
On Feb 21, 8:03 am, stevel <isig...@gmail.com> wrote:
> I'm not an expert in this. This is my understanding. How the 4 action
> settings are used depends on the type of authorization mode you are
> using. If you select the CRUD mode Auth->authorize = 'crud', then the
> full functionality of the aros_acos table will be utilized, so that
> access will be granted to an action only if the column for that action
> is set to a value of ‘1’. So for this situation, you can have a
> mixture of "1" and "0" for the 4 action column.
>
> But if you set Auth->authorize = 'actions' or Auth->authorize =
> 'controller', then the 4 settings are used differently. For example, I
> use Auth->authorize = 'actions'; then in the aros_acos table for a
> particular action, I have to set all 4 settings to "1" to allow access
> permission to that action or set to "0" to deny access. If any one of
> the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the
> entire node. Which is what you brought up as true and false setting.
> So if you want it to be true, set all 4 columns to "1", or if you want
> it to be false, set all to "0" (or at least one column to "0").
>
> Not sure if that helps or not. If my understanding is incorrect,
> hopefully some experts will help explain it better.
>
> Cheers,
> Steve
>
> On Feb 20, 6:42 am, Joshua <josh...@gmail.com> wrote:
>
> > Thanks for your reply!
> > So what's meaning of these four actions, like
> > _update,_create,_read,_delete in table aros_acos?
> > We say an user has the read rights of an action post?
> > In my opinion, there should be only two status, true or false instead
> > of these four actions. If true, we can say an user has the right of
> > post action. If false, an user has no rights to the action.
> > ?
>
> > On Feb 20, 10:09 pm, James Louie Puro <james.louie.p...@gmail.com>
> > wrote:
>
> > > I think not...while AROs are elements trying to gain access to a protected
> > > system like users and groups, ACOs are elements (actions) that are being
> > > protected.
>
> > > so you can add acos (action) in your controller just like function index,
> > > view...etc
> > > and assign AROs to it.
>
> > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua <josh...@gmail.com> wrote:
>
> > > > Is there anybody can help me?
>
> > > > On Feb 20, 8:22 pm, Joshua <josh...@gmail.com> wrote:
> > > > > Hi,
> > > > > I try to add ACL to my application, but when I take a look at the
> > > > > table 'aros_acos', it seems there is only four actions in the table.
> > > > > Did it mean that we can only use four actions in our applications?
> > > > > Is there any body can explain this? Many thanks!
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
