Re: ACL not denying access to protected actions
Hi, (Sorry, meant to reply to the group) Have you had any joy with this issue? I am struggling with exactly the same problem you have described. Cheers On Aug 3, 5:53 am, Josh joshs.silver...@gmail.com wrote: Hello, I have been working on an app for quite a while now, and I have just noticed that myACLdoesn't seem to be doing anything: once logged in, all actions are allowed. I have checked through theACLtutorial in the manual a few times and even removed and replaced the code snippets. I have not had this trouble with the CakeACLon other sites, so I'm getting pretty frustrated. Here are some more details: -TheACLand Auth component are placed in the App Controller and are definitely being instantiated -The DBs for theACLare all correct and up to date -TheAcl-check function always returns the correct permission status for both the group and the user loginRedirect and actionPath are set to what I'd like them to be -There are no stray allowedActions or allow statements In short, theACLcomponent has a correct record of Aros/Acos and Permissions. It just doesn't deny access to any logged in user. Does anybody know what can be causing this? I have a feeling that when it is fixed, I'll want to kick myself, but I have been struggling with it long enough that I'd be happy with a DUH! moment. Thanks --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: ACL not denying access to protected actions
My problem was that I had removed the parent::beforeFilter(); statement from my controllers. It seems like the section of the Cookbook where it says to insert this line might lead you to believe that you only need it when using $this-Auth-allowedActions. In fact, this is the only way to assure that the beforeFilter method in app_controller runs and configures the ACL. Let me know if this works. On Aug 7, 2:46 pm, robh robhalk...@gmail.com wrote: Hi, (Sorry, meant to reply to the group) Have you had any joy with this issue? I am struggling with exactly the same problem you have described. Cheers On Aug 3, 5:53 am, Josh joshs.silver...@gmail.com wrote: Hello, I have been working on an app for quite a while now, and I have just noticed that myACLdoesn't seem to be doing anything: once logged in, allactionsare allowed. I have checked through theACLtutorial in the manual a few times and even removed and replaced the code snippets. I havenothad this trouble with the CakeACLon other sites, so I'm getting pretty frustrated. Here are some more details: -TheACLand Auth component are placed in the App Controller and are definitely being instantiated -The DBs for theACLare all correct and up to date -TheAcl-check function always returns the correct permission status for both the group and the user loginRedirect and actionPath are set to what I'd like them to be -There are no stray allowedActions or allow statements In short, theACLcomponent has a correct record of Aros/Acos and Permissions. It just doesn't denyaccessto any logged in user. Does anybody know what can be causing this? I have a feeling that when it is fixed, I'll want to kick myself, but I have been struggling with it long enough that I'd be happy with a DUH! moment. Thanks --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: ACL not denying access to protected actions
Like a charm! Added parent::beforeFilter(); to all my controllers and it works as expected. Thanks a lot. On 7 Aug, 20:12, Josh joshs.silver...@gmail.com wrote: My problem was that I had removed the parent::beforeFilter(); statement from my controllers. It seems like the section of the Cookbook where it says to insert this line might lead you to believe that you only need it when using $this-Auth-allowedActions. In fact, this is the only way to assure that the beforeFilter method in app_controller runs and configures theACL. Let me know if this works. On Aug 7, 2:46 pm, robh robhalk...@gmail.com wrote: Hi, (Sorry, meant to reply to the group) Have you had any joy with this issue? I am struggling with exactly the same problem you have described. Cheers On Aug 3, 5:53 am, Josh joshs.silver...@gmail.com wrote: Hello, I have been working on an app for quite a while now, and I have just noticed that myACLdoesn't seem to be doing anything: once logged in, allactionsare allowed. I have checked through theACLtutorial in the manual a few times and even removed and replaced the code snippets. I havenothad this trouble with the CakeACLon other sites, so I'm getting pretty frustrated. Here are some more details: -TheACLand Auth component are placed in the App Controller and are definitely being instantiated -The DBs for theACLare all correct and up to date -TheAcl-check function always returns the correct permission status for both the group and the user loginRedirect and actionPath are set to what I'd like them to be -There are no stray allowedActions or allow statements In short, theACLcomponent has a correct record of Aros/Acos and Permissions. It just doesn't denyaccessto any logged in user. Does anybody know what can be causing this? I have a feeling that when it is fixed, I'll want to kick myself, but I have been struggling with it long enough that I'd be happy with a DUH! moment. Thanks --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: ACL not denying access to protected actions
Show your code where you check permissions --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
ACL not denying access to protected actions
Hello, I have been working on an app for quite a while now, and I have just noticed that my ACL doesn't seem to be doing anything: once logged in, all actions are allowed. I have checked through the ACL tutorial in the manual a few times and even removed and replaced the code snippets. I have not had this trouble with the Cake ACL on other sites, so I'm getting pretty frustrated. Here are some more details: -The ACL and Auth component are placed in the App Controller and are definitely being instantiated -The DBs for the ACL are all correct and up to date -The Acl-check function always returns the correct permission status for both the group and the user loginRedirect and actionPath are set to what I'd like them to be -There are no stray allowedActions or allow statements In short, the ACL component has a correct record of Aros/Acos and Permissions. It just doesn't deny access to any logged in user. Does anybody know what can be causing this? I have a feeling that when it is fixed, I'll want to kick myself, but I have been struggling with it long enough that I'd be happy with a DUH! moment. Thanks --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---