Hi John, I do use a plugin to manage permissions and it seems to work quite well although I still prefer the shell interface for adding/removing aro/ aco and creating permissions on the fly.
The grey area for me right now is authorizing CRUD vs. otherActions. I know that I can use Auth->mapActions and treat otherActions as CRUD but I assumed that Auth->authorize='actions' would allow me grant/ deny permissions on that action regardless of what the action does in relation to CRUD. I guess I'm still a bit confused here. On Jan 15, 11:02 pm, John Maxim <goog...@gmail.com> wrote: > Hi Ed, > > You can customise your users permission using ACL plugin. I suggest > finding one on your own, the current one I use has a drawback when I > have over 10 groups with different permission settings. The role > permission setting stops working. However, it's still effective if I > view users roles or users permission, and from there we can customise > the users permission. > > You may want to refer to this: > > http://www.alaxos.net/blaxos/pages/view/7 > > I'm not sure if you can find a better one or make one. The recommended > ACL plugins can be found here: > > Mark Story's ACL extras and menu components. > > http://josediazgonzalez.com/2010/08/16/cakephp-plugins-a-biblical-ret... > > If anytime you managed to get one working better than any above, share > with me. > > :-) > > Best regards, > Maxim. > > On Jan 16, 9:59 am, Ed Propsner <crotchf...@gmail.com> wrote: > > > > > > > > > I've been plugging away with Cake for some time now with extremely few > > issues. I recently decided that ACL was the right choice for my app ... now > > I have issues :) > > > I've toyed with it long enough now that I understand the concept and > > mechanics of it but the issue I'm having is this: > > When granting access, it seems to be all or nothing. If I take the Group > > users for example, access has to be at > > CRUD 1 1 1 1 or sitewide access is denied. Changing it to CRUD 1 1 1 0 > > denies access not just to the controller or parts of it, > > but the entire app. I was assuming that ultimately I would be able deny > > access to any controller/action that I want but it > > doesn't seem to be working out that way for me. > > > What I am overlooking here? I referenced the tutorial in the book when > > putting the ACL together so the set-up is > > very straightforward. I didn't try to do anything fancy or creative with it, > > it's all by the book. Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
