Actually you can do exactly what you say with CakePHP ACL. By default, the AclComponent allow() and deny() methods save 1 and -1 respectively for all fields _create, _read, _update and _delete. Then if you use the AclComponent to check if a user is authorized to do some actions, the check() method simply returns a boolean, used to grant or deny access.
I have never used the specific values of _create, _read, _update and _delete, but I guess they are more useful in other situations, but not to check users permissions on actions. At least in my case, the aros_acos table contains only records with four 1, or four -1. Regards, nIcO On Jan 24, 1:20 am, Petr Vytlačil <petr.vytla...@gmail.com> wrote: > I understand ACL logic and what is ACO etc... > But I thing this solution is stupid. Why I should setting premissions > (update,delete,save,add) for action deleteItems of some Controller. > Its sure I want only check if i can call deleteItems for this i dont > need check if i has premission for update, delete, etc. for this > action. .-) > > Understand me? > > Better solution: > I has controller Entries and methos deleteEntry, addEntry. > User role ADMIN has setting permission for ACO: Entries::deleteEntry > and Entries::addEntry > > In app controller i check premission: $this->Acl->check(this->userRole, > 'Entries::addEntry'); > > This is more simple and i dont need controll if users can read, save, > delete, add this action. > > On Jan 12, 9:24 am, Andi <blumenm...@gmail.com> wrote: > > > Hi, > > > I think that you didn't understand the complex ACL logik. But it is > > really complex. > > > The "actions" update, delete, save, add are the actions for the ACO. > > So the first question is: what is an ACO? It is an Access Control > > Object. Read here more about the > > logic:http://book.cakephp.org/view/465/Understanding-How-ACL-Works > > So a typical ACO for CakePHP is a method of a controller. > > Example: > > Controller for Usergroups > > Methods: > > * add > > * delete > > * index > > * list > > * mygroups > > * admin > > * view > > Every Method is an ACO and for every ACO you can set the permissions > > update, delete, save, add. > > > More Information about setting the > > permissions:http://book.cakephp.org/view/648/Setting-up-permissions > > > On 9 Jan., 22:18,PetrVytlaèil <petr.vytla...@gmail.com> wrote: > > > > Hi in ACL you can controll only action (update, delete, save, add) It > > > is bad because app can has more other metod is any solutuion how > > > control access for other methor for example: > > > > Controller Users > > > Function list(){ > > > ...... > > > > } > > > > THX -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
