Im still playing around with this acl-tutorial and followed it with users,groups,posts,widgets and got it working without problems..
As soon as I shift from from 'posts' to 'tests' the auth and vcl suddenly doesnt apply by magic and you can enter just by pressing a URL to the tests path/to/your/domain/tests/ .. All other url's (path/to/your/domain/users/ and path/to/your/domain/ groups) are still protected by acl + auth but why not my tests.? Is there something magic about the table posts which cannot be applied to other name although the setup is exactly the same? Do I have to explicitly set something up in my test-model (ie. var $actsAs = array('Acl' => array('type' => 'controlled')); or parentNode() ) ? Dont understand this so please help me.. AKO On Mar 15, 12:00 pm, AKO <anders.konr...@gmail.com> wrote: > So I read the tutorial over and over again and cant figure out why my > permissions are not working.. > > I followed the tutorial 11.2 and have almost similar structure but > instead of 'posts' and 'widgets' i have only 'tests': > > - superadmin has acces to all controllers > - admin has acces to all controllers/Tests > - user can only view test(results) > > My question is simple: Why can I enter URL tests/index when im not > authorized..?? > Even if I set all my permissions to -1 I still can acces directly via > URL entering..?? > > Its like the Auth/Acl is only working on my UsersController and not > covering my TestsController.. > > Any help will be much appreciated.. > > INFO: > > ARO's like this: > > [1] superadmin > [5] User.18 > [2] admin > [6] User.19 > [3] user > [7] User.20 > > ACO's look like this: > [1] controllers > [2] Pages > [3] display > [4] add > [5] edit > [6] index > [7] view > [8] delete > [9] Users > [10] login > [11] logout > [12] index > [13] view > [14] add > [15] edit > [16] delete > [17] initDB > [18] Tests > [19] index > [20] view > [21] add > [22] edit > [23] delete -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php