As a follow up to my former post here is some code to assist you:
/**
* Rebuild the Acl based on the current controllers in the application
*
* @return void
*/
function buildAcl() {
$log = array();
$aco =& $this->Acl->Aco;
$root = $aco->node('controllers');
if (!$root) {
$aco->create(array('parent_id' => null, 'model' => null,
'alias' => 'controllers'));
$root = $aco->save();
$root['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for controllers';
} else {
$root = $root[0];
}
App::import('Core', 'File');
$Controllers = Configure::listObjects('controller');
$appIndex = array_search('App', $Controllers);
if ($appIndex !== false ) {
unset($Controllers[$appIndex]);
}
$baseMethods = get_class_methods('Controller');
$baseMethods[] = 'buildAcl';
// look at each controller in app/controllers
foreach ($Controllers as $ctrlName) {
App::import('Controller', $ctrlName);
$ctrlclass = $ctrlName . 'Controller';
$methods = get_class_methods($ctrlclass);
// find / make controller node
$controllerNode = $aco->node('controllers/'.$ctrlName);
if (!$controllerNode) {
$aco->create(array('parent_id' => $root['Aco']['id'],
'model' => null, 'alias' => $ctrlName));
$controllerNode = $aco->save();
$controllerNode['Aco']['id'] = $aco->id;
$log[] = 'Created Aco node for '.$ctrlName;
} else {
$controllerNode = $controllerNode[0];
}
//clean the methods. to remove those in Controller and
private actions.
foreach ($methods as $k => $method) {
if (strpos($method, '_', 0) === 0) {
unset($methods[$k]);
continue;
}
if (in_array($method, $baseMethods)) {
unset($methods[$k]);
continue;
}
$methodNode = $aco->node('controllers/'.$ctrlName.'/'.
$method);
if (!$methodNode) {
$aco->create(array('parent_id' =>
$controllerNode['Aco']['id'], 'model' => null, 'alias' => $method));
$methodNode = $aco->save();
$log[] = 'Created Aco node for '. $method;
}
}
}
debug($log);
}
function initDB() {
$group =& $this->User->Group;
//Allow admins to everything
$group->id = 1;
$this->Acl->allow($group, 'controllers');
//allow managers to posts and widgets
$group->id = 2;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Posts');
$this->Acl->allow($group, 'controllers/Widgets');
//allow users to only add and edit on posts and widgets
$group->id = 3;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Posts/add');
$this->Acl->allow($group, 'controllers/Posts/edit');
$this->Acl->allow($group, 'controllers/Widgets/add');
$this->Acl->allow($group, 'controllers/Widgets/edit');
}
This code was taken from Mark Story's tutorial on ACL @
http://mark-story.com/posts/view/auth-and-acl-an-end-to-end-tutorial-pt-2
On Jul 19, 5:40 am, matsakaw <igebas...@gmail.com> wrote:
> i struggled with Acl/Auth and i admit i just followed the steps
> without FULLY understanding what i did -- to generate the aros, acos
> and aros_acos tables using the build_Acl and initDB functions
> mentioned in the cake book/tutorial. i was only too glad then to
> finally make Acl/Auth work -- my users and groups can access (and be
> denied from) selected controllers and their actions as programmed (in
> build_Acl, and in initDB).
>
> but lately, there has been a need to add new actions for some
> controllers. i am now getting some unauthorized access messages to
> these added actions.
>
> what may i do now to include these new actions in the aros, acos and
> aros_acos tables?
>
> any help will be much appreciated. leads to any new tutorials on Acl/
> Auth welcome also.
>
> thanks,
> matsakaw
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
