So I read the tutorial over and over again and cant figure out why my permissions are not working..
I followed the tutorial 11.2 and have almost similar structure but instead of 'posts' and 'widgets' i have only 'tests': - superadmin has acces to all controllers - admin has acces to all controllers/Tests - user can only view test(results) My question is simple: Why can I enter URL tests/index when im not authorized..?? Even if I set all my permissions to -1 I still can acces directly via URL entering..?? Its like the Auth/Acl is only working on my UsersController and not covering my TestsController.. Any help will be much appreciated.. INFO: ARO's like this: [1] superadmin [5] User.18 [2] admin [6] User.19 [3] user [7] User.20 ACO's look like this: [1] controllers [2] Pages [3] display [4] add [5] edit [6] index [7] view [8] delete [9] Users [10] login [11] logout [12] index [13] view [14] add [15] edit [16] delete [17] initDB [18] Tests [19] index [20] view [21] add [22] edit [23] delete -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php