Re: Some questions about ACL
Hi Joe, I understand, so I need to create a model for Steels / Rims? I thought it was not necessary. Exactly that I don't understand to join the ideas and build the admin page permissions. Thank you, Douglas Pacheco Cardoso 2010/1/19 Joe L > Hi Douglas, I believe by using Groups for authentication is one way to > go with it. > > Firstly u could setup the permission for the GROUP as mention in > Cakephp tutorial as below > http://book.cakephp.org/view/648/Setting-up-permissions > > Then you can assign the USER(s) to that GROUP. > > When it comes to the admin page, you could setup an EDIT page for the > ACL table for modifying the GROUP's permission to access to different > controllers. And also setup an EDIT page USER table for modifying USER > belong to which GROUP. > > Does that answer your question? > > > > On Jan 19, 10:03 am, Joe L wrote: > > Could I clarify, are you asking how to create an admin page to modify > > the user permissions? > > > > On Jan 19, 3:48 am, Douglas Pacheco Cardoso > > wrote: > > > > > Hi, how are you? I'm a new membership... > > > > > Please, i want to use ACL to do control of permissions on my system. > > > I > > > understand how it works, how to check permissions and more, but i > > > don't know getting to join ideas to create one page for manage of > > > this > > > permissions. > > > > > Example: > > > I want to select the user and set for this user permissions in > > > certain > > > pages. I'll to use groups in the future, but if I have a example, > > > help > > > me much. > > > > > Anybody have some example for me? Don't need source code, only > > > ideas... > > > > > Thank you, > > > Douglas Pacheco Cardoso > > Check out the new CakePHP Questions site http://cakeqs.org and help others > with their CakePHP related questions. > > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To post to this group, send email to cake-php@googlegroups.com > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.comFor > more options, visit this group at > http://groups.google.com/group/cake-php?hl=en > > Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Some questions about ACL
Hi Douglas, I believe by using Groups for authentication is one way to go with it. Firstly u could setup the permission for the GROUP as mention in Cakephp tutorial as below http://book.cakephp.org/view/648/Setting-up-permissions Then you can assign the USER(s) to that GROUP. When it comes to the admin page, you could setup an EDIT page for the ACL table for modifying the GROUP's permission to access to different controllers. And also setup an EDIT page USER table for modifying USER belong to which GROUP. Does that answer your question? On Jan 19, 10:03 am, Joe L wrote: > Could I clarify, are you asking how to create an admin page to modify > the user permissions? > > On Jan 19, 3:48 am, Douglas Pacheco Cardoso > wrote: > > > Hi, how are you? I'm a new membership... > > > Please, i want to use ACL to do control of permissions on my system. > > I > > understand how it works, how to check permissions and more, but i > > don't know getting to join ideas to create one page for manage of > > this > > permissions. > > > Example: > > I want to select the user and set for this user permissions in > > certain > > pages. I'll to use groups in the future, but if I have a example, > > help > > me much. > > > Anybody have some example for me? Don't need source code, only > > ideas... > > > Thank you, > > Douglas Pacheco Cardoso Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Some questions about ACL
Could I clarify, are you asking how to create an admin page to modify the user permissions? On Jan 19, 3:48 am, Douglas Pacheco Cardoso wrote: > Hi, how are you? I'm a new membership... > > Please, i want to use ACL to do control of permissions on my system. > I > understand how it works, how to check permissions and more, but i > don't know getting to join ideas to create one page for manage of > this > permissions. > > Example: > I want to select the user and set for this user permissions in > certain > pages. I'll to use groups in the future, but if I have a example, > help > me much. > > Anybody have some example for me? Don't need source code, only > ideas... > > Thank you, > Douglas Pacheco Cardoso Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Some questions about ACL
Hi, how are you? I'm a new membership... Please, i want to use ACL to do control of permissions on my system. I understand how it works, how to check permissions and more, but i don't know getting to join ideas to create one page for manage of this permissions. Example: I want to select the user and set for this user permissions in certain pages. I'll to use groups in the future, but if I have a example, help me much. Anybody have some example for me? Don't need source code, only ideas... Thank you, Douglas Pacheco Cardoso Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Some questions about ACL implementation
Hopefully these aren't lame questions. Believe me, I've spent lots of
time reading every tutorial I can find and lots of threads on this
group. I still have a few questions though.
1. Many of the implementations of user groups in ACL have a UserGroup
model (User belongsTo UserGroup), which is then followed through in
the AROs table. Isn't this just duplication? Should I not just save
userGroups into the AROs table and be done with it? You can still edit
group names by directly manipulating the record in ARO, no? Granted
that you can't add extra fields, such as description, but if I'm
simply storing a group name AND using aros_acos to test the group's
permissions, shouldn't this suffice?
2. Is there any reason that the ARO tree isn't stored in the Auth
Session on login, to save having to call it on every page view?
3. Am I right in thinking that CRUD-based authorisation doesn't allow
you to restrict the whole admin site (i.e. admin_index, admin_view
etc) to an administrators group? For this actions-based authorisation
is what you need?
4. When using plugins the $this->params['controller] variable isn't
set if you use the default controller, e.g. the 'posts' controller in
the 'posts' plugin, with the route /posts/view. This causes Auth-
>isAuthorized() to break.
Is this the best way to fix this problem this (in AppController
beforeFilter function), or is there a better way?:
if(!$this->Auth->params['controller']) { $this->Auth-
>params['controller'] = $this->params['plugin']; }
Thanks for any help!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Some questions about ACL
Hi, I think I think I have read all the acl tutorials out there and I still don't understand how this works in cakephp. All of those tutorials have a different approach on how to use the acl/auth components so you end up confused as they contradict some times or explain how to do the same thing in different ways, very frustrating. The new chapter on the book cleared a lot of things to me but still is missing some things that I still have lots of confusion and questions. So I'm going to ask here some of them to try to get a clearer view of the acl component and be able to use it. I hope the answers to my questions also help others as I see that I'm not the only one that doesn't understand how this works based on the large amount of questions about the acl component on this list and the comments on many of the tutorials. Ok first, I have it clear on how to create ARO's and ACOS, the cake book explains that very well, but on how to assign permissions, on how ARO's access ACO's, it only explains how to do it with CRUD actions, not with other actions different from CRUD's or admin actions when using admin routing. How should those actions be assigned to ARO's and ACO's permissions? Second, the authorization checks have to be made explicitly using the Acl->check method or can be done implictly? of all of what I have read I have the impression that it can be handled both ways but now I'm very confused. If not and the only way is to explicitly do the checks, where do they should be done, on the beforeFilter method of each controller or on the same method of AppController? Third, the Auth component has a variable called authorize, which as far as I understand, it's used to set the type of authorization to be used or something like that. The possible values I'm aware of are crud" which is used to do authorization with CRUD actions, and "controller" and "model", which require a method called isAuthorized in the controller and model respectively where the authorization takes place. Is any other value for authorize that I'm not ware of and are my assumptions correct about the meaning of the possible values? Fourth, where should I specify a controller action's that don't need authentication nor authorization? on each controller on the beforeFilther method or in appController ? I think this is all for now, many thanks in advance for the answers. Cheers, -- Juan Luis Baptiste --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Some questions about ACL
I probably shouldn't say this but.. I gave up on Acl (for now!). For
the same conflicting confusion i received after reading the articles
listing here in the FAQs page.
Before I knew about Acl I wrote my own method to authenticate users.
I user a Users table, a Roles table.
Users can login, register, reset passwords(via email tickets) and edit
their profiles. Admins can add new users, and reset passwords. all via
the users controller.
I also assign user id's to every post and project so only owners may
edit. Anyone else attempting gets banned. This is true of those who
alter the hidden html form field as well.
A method saved in AppController can be called from any controller
action to authenticate users. If they are not authorized the
checkUserSession method reroutes them to a login page, retaining their
last page to return them to.. optionally landign page ca n be
specified.
function edit($id){
$this->checkUserSession(4); // 4 here sginafies admin (levels 1, 2, 4)
//do stuff authenticated users ca...
}
My login controller saves a session for any user who logs in, so we
can show and hide buttons and links in views on the fly. Or perhaps
tpo decide whether internal news gets shown along side public news.
$user=$session->read('User');
//show link to any logged in users(say to add a new post etc)
if(isset($user['Role'])) echo $html->link(...);
//show links to admin only (say to delete an existing post, etc)
if( $user['Role']['rights'] == 4 ) echo $html->link('admins
only',...);
So with all this work invested in what I find to be a sufficient
system, I am reluctant to switch over all my code to a system I can
hardly wrap my head around. One tutorial doesn't even discuss login
pages, or where to pull user name, id or group from.
If anyone just needs authentication, but can't get Acl, there are
other options.
On Jul 20, 2:53 am, "Juan Luis Baptiste" <[EMAIL PROTECTED]>
wrote:
> Hi,
>
> I think I think I have read all the acl tutorials out there and I
> still don't understand how this works in cakephp. All of those
> tutorials have a different approach on how to use the acl/auth
> components so you end up confused as they contradict some times or
> explain how to do the same thing in different ways, very frustrating.
> The new chapter on the book cleared a lot of things to me but still is
> missing some things that I still have lots of confusion and questions.
> So I'm going to ask here some of them to try to get a clearer view of
> the acl component and be able to use it. I hope the answers to my
> questions also help others as I see that I'm not the only one that
> doesn't understand how this works based on the large amount of
> questions about the acl component on this list and the comments on
> many of the tutorials.
>
> Ok first, I have it clear on how to create ARO's and ACOS, the cake
> book explains that very well, but on how to assign permissions, on how
> ARO's access ACO's, it only explains how to do it with CRUD actions,
> not with other actions different from CRUD's or admin actions when
> using admin routing. How should those actions be assigned to ARO's and
> ACO's permissions?
>
> Second, the authorization checks have to be made explicitly using the
> Acl->check method or can be done implictly? of all of what I have read
> I have the impression that it can be handled both ways but now I'm
> very confused. If not and the only way is to explicitly do the checks,
> where do they should be done, on the beforeFilter method of each
> controller or on the same method of AppController?
>
> Third, the Auth component has a variable called authorize, which as
> far as I understand, it's used to set the type of authorization to be
> used or something like that. The possible values I'm aware of are
> crud" which is used to do authorization with CRUD actions, and
> "controller" and "model", which require a method called isAuthorized
> in the controller and model respectively where the authorization takes
> place. Is any other value for authorize that I'm not ware of and are
> my assumptions correct about the meaning of the possible values?
>
> Fourth, where should I specify a controller action's that don't need
> authentication nor authorization? on each controller on the
> beforeFilther method or in appController ?
>
> I think this is all for now, many thanks in advance for the answers.
>
> Cheers,
> --
> Juan Luis Baptiste
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
