Re: acl :: deny access to PostsController

[AKO]

Im still playing around with this acl-tutorial and followed it with
users,groups,posts,widgets and got it working without problems..

As soon as I shift from from 'posts' to 'tests' the auth and vcl
suddenly doesnt apply by magic and you can enter just by pressing a
URL to the tests path/to/your/domain/tests/  ..
All other url's (path/to/your/domain/users/ and path/to/your/domain/
groups) are still protected by acl + auth but why not my tests.?

Is there something magic about the table posts which cannot be applied
to other name although the setup is exactly the same?
Do I have to explicitly set something up in my test-model (ie.   var
$actsAs = array('Acl' => array('type' => 'controlled'));  or
parentNode() ) ?

Dont understand this so please help me..

AKO

On Mar 15, 12:00 pm, AKO <anders.konr...@gmail.com> wrote:
> So I read the tutorial over and over again and cant figure out why my
> permissions are not working..
>
> I followed the tutorial 11.2 and have almost similar structure but
> instead of 'posts' and 'widgets' i have only 'tests':
>
>  - superadmin has acces to all controllers
>  - admin has acces to all controllers/Tests
>  - user can only view test(results)
>
> My question is simple: Why can I enter URL tests/index when im not
> authorized..??
> Even if I set all my permissions to -1 I still can acces directly via
> URL entering..??
>
> Its like the Auth/Acl is only working on my UsersController and not
> covering my TestsController..
>
> Any help will be much appreciated..
>
> INFO:
>
> ARO's like this:
>
> [1] superadmin
>     [5] User.18
>   [2] admin
>     [6] User.19
>   [3] user
>     [7] User.20
>
> ACO's look like this:
> [1] controllers
>     [2] Pages
>       [3] display
>       [4] add
>       [5] edit
>       [6] index
>       [7] view
>       [8] delete
>     [9] Users
>       [10] login
>       [11] logout
>       [12] index
>       [13] view
>       [14] add
>       [15] edit
>       [16] delete
>       [17] initDB
>     [18] Tests
>       [19] index
>       [20] view
>       [21] add
>       [22] edit
>       [23] delete

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com For more options, visit this group at 
http://groups.google.com/group/cake-php