Thank you for your answer. I already thought that belonging to more
than one groups would break the standard Acl way.
So what about this setup:
User hasOne Person
Person hasOne Role
Can I use bindNode in User to bind it to Person and in Person bindNode
to bind it to Role?
Regards,
Jens
On 5 Jan., 11:53, alaxos <ala...@gmail.com> wrote:
> Hi,
>
> AFAIK, the standard permission check done by the pair Auth + Acl only
> works if your users belong to one role only.
> If your users can have many roles, you are not in the standard Acl
> tree structure.
>
> This means that you will have to implement your own authorization
> logic. This may probably be done by setting the AuthComponent::
> $authorize variable to 'controller' and then by implementing the
> Controller::isAuthorized() method in your AppController.
>
> Something like this:
>
> function beforeFilter()
> {
> $this->Auth->authorize = 'controller'; //-> Auth will use the
> isAuthorized() method
>
> }
>
> function isAuthorized()
> {
> // Get the logged user
>
> // Loop on his associated groups
>
> // For each group call $this->Acl->check($group,
> $current_aco_path)
>
> // if one call to Acl->check(...) return true, then return true.
>
> //else return false;
>
> }
>
> I've never done it, but I suppose it should work.
>
> Regards,
> nIcO
>
> On Jan 5, 10:58 am, Jens Dittrich <jdittr...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Hello everyone, I have a problem with Acl. I have an Application where
> > my ACO's are my Controllers and their functions. My ARO's should be
> > Roles that People are in. The setup looks like this:
> > User hasOne Person
> > Person hasAndBelongsToMany Roles
>
> > In the tutorials the setup is simpler, there you have User and Group
> > and you use bindNode() to let ACL look up in the Group. In my
> > situation I want it to look one step further: User over Person to
> > Role. Is that possible?
>
> > Is it supported to belong to multiple ARO's (Roles in my case) by Acl
> > or will I run into Problems?
>
> > Regards,
> > Jens
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
