Hi. I have set up the cake ACL component (as per the book tutorial) and it works 100% when individual permissions are not set.
Example: ARO = User/username (User = ARO group, username = ARO user) ACO = controllers/Users/index (controllers = ACO global controller, Users = Users controller, index = function or action) Permission for above in aros_acos table 1,1,1,1 and -1,-1,-1,-1 works. Allows or denys access to index via that user correctly. (inheriting from thier parents working properly aswell) If I set the permissions for index for the user (or group) to 1,1,1,-1 (allow all accept delete or any other combination) the ACL fails and it works exactly the same as deny all (-1,-1,-1,-1). my beforeFilter in apps controller looks like the following below function beforeFilter() { //Configure AuthComponent $this->Auth->userModel = 'emailuser'; $this->Auth->authorize = 'actions'; $this->Auth->loginAction = array('controller' => 'emailusers', 'action' => 'login'); $this->Auth->logoutRedirect = array('controller' => 'emailusers', 'action' => 'login'); $this->Auth->loginRedirect = array('controller' => 'emailusers', 'action' => 'index'); $this->Auth->allowedActions = array('display','register','ajax_register', 'login', 'logout', 'group'); $this->Auth->actionPath = 'controllers/'; } Anyone got any suggestions? Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en