Well with a quick view to your problem i think you should map your action editScooter using actionMap with one of the 4 actions (create,read,update,delete) and then go with crud mode.I don't think it is a problem with the parameters because edit take parameters too for the id for example. If you use action mode you do $this->Acl->allow($aroAlias,$acoAlias); which means $this->Acl->allow(users,scooters/edit); So you allow users to edit any scooter,but to edit ONLY their own you do what i post you 1st.
2009/6/26 DigitalDude <e.blumsten...@googlemail.com> > > Hey, > > it is an edit action for an item, and it is similar to other ones I > have in my app and all other ones are denied for non-logged-in users > (which means, in all other actions, the ACL works fine). > > I checked the controller if there were any allowedActions in the > beforeFilter and other pre-occuring actions before the controller > action, but there were none. > > My function header looks like this: > > public function editScooter($shop_id = null, $scooter_id = null) { > .... > } > > So the function gets two parameters to work with, and in my ACL Table > under ACO's the editScooter-Acion is listed. > > When I call the action without any parameters, eg > > http://www.myapp.com/scooters/editScooter > > the ACL works fine. But the moment I put some parameters behind that > action, the ACL fails. > > My ACL is defined via shell and the code of it looks like this: > > $this->Acl->allow('users', 'Scooters'); > > Normally every controller action of the controller "Scooters" should > be secured by ACL, and this works for methods like index, add, edit, > view... > > Only the editScooter action is not secured by ACL. Maybe this has to > do with the two parameters which CAN be applied to the function, but > the function also is used for modifications with one passed > parameter. > > I did not change any routes, and the beforeFilter in my app_controller > has no allowedActions. > > :( > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---