Anyone any ideas? Surely ACL shouldn't be this hard?
By the way, I'm using PHP 5 and Cake 1.2.
On 31 Aug, 10:44, Paul <[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I'm getting more and more frustrated withACL, so please someone help
> me before I drive myself mad! I'm sure once I'm over this last hurdle
> it'll all fall into place :)
>
> If i do this:
>
> $this->Acl->deny($aroNode,$acoNode);
>
> then all the _read, _update etc. fields in the aros_acos table are set
> to -1 (or 1 if I'd used allow). So far so good!
>
> However, If I have an array of 'actions', like this:
>
> $actions = Array('read','update');
>
> And I set permissions like this:
>
> $this->Acl->allow($aroNode,$acoNode,$actions);
>
> Then _read and _update are set to 1 (as expected), but the rest are
> set to zero - they are not left as they are (I explicitly do a deny
> all before I call allow). This doesn't seem right to me - I would've
> thought 'allowing' a set of permissions would leave the others
> untouched?
>
> Try as I might I can't work out where in the cake source it's doing
> this setting to zero.
>
> However, I have found out that when I do this:
>
> $this->Acl->check('create')
>
> ...a zero causes it to 'continue' and look further up the hierarchy,
> towards the parent, and get the permission from there.
>
> Myaconodes are in a hierarchy, so this means I can't deny a child
> access to something a parent has access to! (because if I deny all and
> then allow the ones I want, then check looks to the parent for the
> one's I didn't explictly allow)
>
> Am I misunderstanding things? Has anyone else had this problem?
>
> Thanks in advance,
> Paul.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
