Anyone any ideas? Surely ACL shouldn't be this hard? By the way, I'm using PHP 5 and Cake 1.2.
On 31 Aug, 10:44, Paul <[EMAIL PROTECTED]> wrote: > Hi there, > > I'm getting more and more frustrated withACL, so please someone help > me before I drive myself mad! I'm sure once I'm over this last hurdle > it'll all fall into place :) > > If i do this: > > $this->Acl->deny($aroNode,$acoNode); > > then all the _read, _update etc. fields in the aros_acos table are set > to -1 (or 1 if I'd used allow). So far so good! > > However, If I have an array of 'actions', like this: > > $actions = Array('read','update'); > > And I set permissions like this: > > $this->Acl->allow($aroNode,$acoNode,$actions); > > Then _read and _update are set to 1 (as expected), but the rest are > set to zero - they are not left as they are (I explicitly do a deny > all before I call allow). This doesn't seem right to me - I would've > thought 'allowing' a set of permissions would leave the others > untouched? > > Try as I might I can't work out where in the cake source it's doing > this setting to zero. > > However, I have found out that when I do this: > > $this->Acl->check('create') > > ...a zero causes it to 'continue' and look further up the hierarchy, > towards the parent, and get the permission from there. > > Myaconodes are in a hierarchy, so this means I can't deny a child > access to something a parent has access to! (because if I deny all and > then allow the ones I want, then check looks to the parent for the > one's I didn't explictly allow) > > Am I misunderstanding things? Has anyone else had this problem? > > Thanks in advance, > Paul. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---