Re: Question about the actions in aros_acos
A zero has a lot to do with the process. It means that specific
permission is inherited from a parent node.
On Feb 21, 3:49 am, Joshua wrote:
> I got it!
> //code
> switch ($perm['_' . $action]) {
> case -1:
> return false;
> case 0:
> continue;
> break;
> case 1:
> return true;
> break;
> }
> //code end
> 0: will has nothing to do with your check process;
> -1: if _create was setted -1 , and you write like this
> '$this->Acl->check('group.anonymous', $aco, "write")', you will get a false
>
> return.
>
> That means we can set these four actions separately.
>
> On Feb 21, 10:29 am, Joshua wrote:
>
> > Steve, thank you!
> > Yeah, I found this in cake source code
>
> > //code
> > /**
> > * Determines whether the given user is authorized to perform an
> > action. The type of
> > * authorization used is based on the value of AuthComponent::
> > $authorize or the
> > * passed $type param.
> > *
> > * Types:
> > * 'controller' will validate against Controller::isAuthorized() if
> > controller instance is
> > * passed in $object
> > * 'actions' will validate Controller::action against an
> > AclComponent::check()
> > * 'crud' will validate mapActions against an AclComponent::check()
> > * array('model'=> 'name'); will validate mapActions against
> > model
> > * $name::isAuthorized(user, controller, mapAction)
> > * 'object' will validate Controller::action against
> > * object::isAuthorized(user, controller, action)
> > *
> > * @param string $type Type of authorization
> > * @param mixed $object object, model object, or model name
> > * @param mixed $user The user to check the authorization of
> > * @return boolean True if $user is authorized, otherwise false
> > * @access public
> > */
> > function isAuthorized($type = null, $object = null, $user = null) {
> > //code end
> > There is another question, if _create action was setted -1 and others
> > were setted 1. What will happen?
> > Hope somebody can help! :-)
>
> > On Feb 21, 8:03 am, stevel wrote:
>
> > > I'm not an expert in this. This is my understanding. How the 4 action
> > > settings are used depends on the type of authorization mode you are
> > > using. If you select the CRUD mode Auth->authorize = 'crud', then the
> > > full functionality of the aros_acos table will be utilized, so that
> > > access will be granted to an action only if the column for that action
> > > is set to a value of ‘1’. So for this situation, you can have a
> > > mixture of "1" and "0" for the 4 action column.
>
> > > But if you set Auth->authorize = 'actions' or Auth->authorize =
> > > 'controller', then the 4 settings are used differently. For example, I
> > > use Auth->authorize = 'actions'; then in the aros_acos table for a
> > > particular action, I have to set all 4 settings to "1" to allow access
> > > permission to that action or set to "0" to deny access. If any one of
> > > the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the
> > > entire node. Which is what you brought up as true and false setting.
> > > So if you want it to be true, set all 4 columns to "1", or if you want
> > > it to be false, set all to "0" (or at least one column to "0").
>
> > > Not sure if that helps or not. If my understanding is incorrect,
> > > hopefully some experts will help explain it better.
>
> > > Cheers,
> > > Steve
>
> > > On Feb 20, 6:42 am, Joshua wrote:
>
> > > > Thanks for your reply!
> > > > So what's meaning of these four actions, like
> > > > _update,_create,_read,_delete in table aros_acos?
> > > > We say an user has the read rights of an action post?
> > > > In my opinion, there should be only two status, true or false instead
> > > > of these four actions. If true, we can say an user has the right of
> > > > post action. If false, an user has no rights to the action.
> > > > ?
>
> > > > On Feb 20, 10:09 pm, James Louie Puro
> > > > wrote:
>
> > > > > I think not...while AROs are elements trying to gain access to a
> > > > > protected
> > > > > system like users and groups, ACOs are elements (actions) that are
> > > > > being
> > > > > protected.
>
> > > > > so you can add acos (action) in your controller just like function
> > > > > index,
> > > > > view...etc
> > > > > and assign AROs to it.
>
> > > > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote:
>
> > > > > > Is there anybody can help me?
>
> > > > > > On Feb 20, 8:22 pm, Joshua wrote:
> >
Re: Question about the actions in aros_acos
I got it!
//code
switch ($perm['_' . $action]) {
case -1:
return false;
case 0:
continue;
break;
case 1:
return true;
break;
}
//code end
0: will has nothing to do with your check process;
-1: if _create was setted -1 , and you write like this '$this->Acl-
>check('group.anonymous', $aco, "write")', you will get a false
return.
That means we can set these four actions separately.
On Feb 21, 10:29 am, Joshua wrote:
> Steve, thank you!
> Yeah, I found this in cake source code
>
> //code
> /**
> * Determines whether the given user is authorized to perform an
> action. The type of
> * authorization used is based on the value of AuthComponent::
> $authorize or the
> * passed $type param.
> *
> * Types:
> * 'controller' will validate against Controller::isAuthorized() if
> controller instance is
> * passed in $object
> * 'actions' will validate Controller::action against an
> AclComponent::check()
> * 'crud' will validate mapActions against an AclComponent::check()
> * array('model'=> 'name'); will validate mapActions against
> model
> * $name::isAuthorized(user, controller, mapAction)
> * 'object' will validate Controller::action against
> * object::isAuthorized(user, controller, action)
> *
> * @param string $type Type of authorization
> * @param mixed $object object, model object, or model name
> * @param mixed $user The user to check the authorization of
> * @return boolean True if $user is authorized, otherwise false
> * @access public
> */
> function isAuthorized($type = null, $object = null, $user = null) {
> //code end
> There is another question, if _create action was setted -1 and others
> were setted 1. What will happen?
> Hope somebody can help! :-)
>
> On Feb 21, 8:03 am, stevel wrote:
>
> > I'm not an expert in this. This is my understanding. How the 4 action
> > settings are used depends on the type of authorization mode you are
> > using. If you select the CRUD mode Auth->authorize = 'crud', then the
> > full functionality of the aros_acos table will be utilized, so that
> > access will be granted to an action only if the column for that action
> > is set to a value of ‘1’. So for this situation, you can have a
> > mixture of "1" and "0" for the 4 action column.
>
> > But if you set Auth->authorize = 'actions' or Auth->authorize =
> > 'controller', then the 4 settings are used differently. For example, I
> > use Auth->authorize = 'actions'; then in the aros_acos table for a
> > particular action, I have to set all 4 settings to "1" to allow access
> > permission to that action or set to "0" to deny access. If any one of
> > the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the
> > entire node. Which is what you brought up as true and false setting.
> > So if you want it to be true, set all 4 columns to "1", or if you want
> > it to be false, set all to "0" (or at least one column to "0").
>
> > Not sure if that helps or not. If my understanding is incorrect,
> > hopefully some experts will help explain it better.
>
> > Cheers,
> > Steve
>
> > On Feb 20, 6:42 am, Joshua wrote:
>
> > > Thanks for your reply!
> > > So what's meaning of these four actions, like
> > > _update,_create,_read,_delete in table aros_acos?
> > > We say an user has the read rights of an action post?
> > > In my opinion, there should be only two status, true or false instead
> > > of these four actions. If true, we can say an user has the right of
> > > post action. If false, an user has no rights to the action.
> > > ?
>
> > > On Feb 20, 10:09 pm, James Louie Puro
> > > wrote:
>
> > > > I think not...while AROs are elements trying to gain access to a
> > > > protected
> > > > system like users and groups, ACOs are elements (actions) that are
> > > > being
> > > > protected.
>
> > > > so you can add acos (action) in your controller just like function
> > > > index,
> > > > view...etc
> > > > and assign AROs to it.
>
> > > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote:
>
> > > > > Is there anybody can help me?
>
> > > > > On Feb 20, 8:22 pm, Joshua wrote:
> > > > > > Hi,
> > > > > > I try to add ACL to my application, but when I take a look at the
> > > > > > table 'aros_acos', it seems there is only four actions in the table.
> > > > > > Did it mean that we can only use four actions in our applications?
> > > > > > Is there any body can explain this? Many thanks!
--~--~-~--~~---
Re: Question about the actions in aros_acos
Steve, thank you!
Yeah, I found this in cake source code
//code
/**
* Determines whether the given user is authorized to perform an
action. The type of
* authorization used is based on the value of AuthComponent::
$authorize or the
* passed $type param.
*
* Types:
* 'controller' will validate against Controller::isAuthorized() if
controller instance is
* passed in $object
* 'actions' will validate Controller::action against an
AclComponent::check()
* 'crud' will validate mapActions against an AclComponent::check()
* array('model'=> 'name'); will validate mapActions against model
* $name::isAuthorized(user, controller, mapAction)
* 'object' will validate Controller::action against
* object::isAuthorized(user, controller, action)
*
* @param string $type Type of authorization
* @param mixed $object object, model object, or model name
* @param mixed $user The user to check the authorization of
* @return boolean True if $user is authorized, otherwise false
* @access public
*/
function isAuthorized($type = null, $object = null, $user = null) {
//code end
There is another question, if _create action was setted -1 and others
were setted 1. What will happen?
Hope somebody can help! :-)
On Feb 21, 8:03 am, stevel wrote:
> I'm not an expert in this. This is my understanding. How the 4 action
> settings are used depends on the type of authorization mode you are
> using. If you select the CRUD mode Auth->authorize = 'crud', then the
> full functionality of the aros_acos table will be utilized, so that
> access will be granted to an action only if the column for that action
> is set to a value of ‘1’. So for this situation, you can have a
> mixture of "1" and "0" for the 4 action column.
>
> But if you set Auth->authorize = 'actions' or Auth->authorize =
> 'controller', then the 4 settings are used differently. For example, I
> use Auth->authorize = 'actions'; then in the aros_acos table for a
> particular action, I have to set all 4 settings to "1" to allow access
> permission to that action or set to "0" to deny access. If any one of
> the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the
> entire node. Which is what you brought up as true and false setting.
> So if you want it to be true, set all 4 columns to "1", or if you want
> it to be false, set all to "0" (or at least one column to "0").
>
> Not sure if that helps or not. If my understanding is incorrect,
> hopefully some experts will help explain it better.
>
> Cheers,
> Steve
>
> On Feb 20, 6:42 am, Joshua wrote:
>
> > Thanks for your reply!
> > So what's meaning of these four actions, like
> > _update,_create,_read,_delete in table aros_acos?
> > We say an user has the read rights of an action post?
> > In my opinion, there should be only two status, true or false instead
> > of these four actions. If true, we can say an user has the right of
> > post action. If false, an user has no rights to the action.
> > ?
>
> > On Feb 20, 10:09 pm, James Louie Puro
> > wrote:
>
> > > I think not...while AROs are elements trying to gain access to a protected
> > > system like users and groups, ACOs are elements (actions) that are being
> > > protected.
>
> > > so you can add acos (action) in your controller just like function index,
> > > view...etc
> > > and assign AROs to it.
>
> > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote:
>
> > > > Is there anybody can help me?
>
> > > > On Feb 20, 8:22 pm, Joshua wrote:
> > > > > Hi,
> > > > > I try to add ACL to my application, but when I take a look at the
> > > > > table 'aros_acos', it seems there is only four actions in the table.
> > > > > Did it mean that we can only use four actions in our applications?
> > > > > Is there any body can explain this? Many thanks!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Question about the actions in aros_acos
I'm not an expert in this. This is my understanding. How the 4 action settings are used depends on the type of authorization mode you are using. If you select the CRUD mode Auth->authorize = 'crud', then the full functionality of the aros_acos table will be utilized, so that access will be granted to an action only if the column for that action is set to a value of ‘1’. So for this situation, you can have a mixture of "1" and "0" for the 4 action column. But if you set Auth->authorize = 'actions' or Auth->authorize = 'controller', then the 4 settings are used differently. For example, I use Auth->authorize = 'actions'; then in the aros_acos table for a particular action, I have to set all 4 settings to "1" to allow access permission to that action or set to "0" to deny access. If any one of the 4 is set to ‘0’ or ‘-1’ no permission will be granted to the entire node. Which is what you brought up as true and false setting. So if you want it to be true, set all 4 columns to "1", or if you want it to be false, set all to "0" (or at least one column to "0"). Not sure if that helps or not. If my understanding is incorrect, hopefully some experts will help explain it better. Cheers, Steve On Feb 20, 6:42 am, Joshua wrote: > Thanks for your reply! > So what's meaning of these four actions, like > _update,_create,_read,_delete in table aros_acos? > We say an user has the read rights of an action post? > In my opinion, there should be only two status, true or false instead > of these four actions. If true, we can say an user has the right of > post action. If false, an user has no rights to the action. > ? > > On Feb 20, 10:09 pm, James Louie Puro > wrote: > > > I think not...while AROs are elements trying to gain access to a protected > > system like users and groups, ACOs are elements (actions) that are being > > protected. > > > so you can add acos (action) in your controller just like function index, > > view...etc > > and assign AROs to it. > > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote: > > > > Is there anybody can help me? > > > > On Feb 20, 8:22 pm, Joshua wrote: > > > > Hi, > > > > I try to add ACL to my application, but when I take a look at the > > > > table 'aros_acos', it seems there is only four actions in the table. > > > > Did it mean that we can only use four actions in our applications? > > > > Is there any body can explain this? Many thanks! > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Question about the actions in aros_acos
Thanks for your reply! So what's meaning of these four actions, like _update,_create,_read,_delete in table aros_acos? We say an user has the read rights of an action post? In my opinion, there should be only two status, true or false instead of these four actions. If true, we can say an user has the right of post action. If false, an user has no rights to the action. ? On Feb 20, 10:09 pm, James Louie Puro wrote: > I think not...while AROs are elements trying to gain access to a protected > system like users and groups, ACOs are elements (actions) that are being > protected. > > so you can add acos (action) in your controller just like function index, > view...etc > and assign AROs to it. > > On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote: > > > Is there anybody can help me? > > > On Feb 20, 8:22 pm, Joshua wrote: > > > Hi, > > > I try to add ACL to my application, but when I take a look at the > > > table 'aros_acos', it seems there is only four actions in the table. > > > Did it mean that we can only use four actions in our applications? > > > Is there any body can explain this? Many thanks! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Question about the actions in aros_acos
I think not...while AROs are elements trying to gain access to a protected system like users and groups, ACOs are elements (actions) that are being protected. so you can add acos (action) in your controller just like function index, view...etc and assign AROs to it. On Fri, Feb 20, 2009 at 5:01 PM, Joshua wrote: > > Is there anybody can help me? > > On Feb 20, 8:22 pm, Joshua wrote: > > Hi, > > I try to add ACL to my application, but when I take a look at the > > table 'aros_acos', it seems there is only four actions in the table. > > Did it mean that we can only use four actions in our applications? > > Is there any body can explain this? Many thanks! > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Question about the actions in aros_acos
Is there anybody can help me? On Feb 20, 8:22 pm, Joshua wrote: > Hi, > I try to add ACL to my application, but when I take a look at the > table 'aros_acos', it seems there is only four actions in the table. > Did it mean that we can only use four actions in our applications? > Is there any body can explain this? Many thanks! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
