In case anyone else has this problem in the future I thought it worth mentioning my solution.
The answer to this question is: yes it does work. However, the database ACL tables were created with the script provided with Cake in an older version of Cake. That version set the field types for _create, _read, _update, _delete to tinyint(1). The result was that when Acl->deny() tried to set the value of the field to -1 it ended up as 1 instead. Langdon Langdon Stevenson wrote: > I have been trying to use the Acl->deny() function (with database stored > ACL) to remove a user's access to certain actions in my application. > However deny() appears to "allow" rather than "deny" access. > > After about an hour of fiddling and reviewing log output I manually > changed all permissions fields in the user's ArosAco records from 1 to 0 > > When I tried to access the denied pages I was blocked (as expected). > > Then I ran my Acl->deny() code again and checked the database. The > permissions fields in the user's records had been switched back to 1. > > exact code being executed: > > $this->Acl->deny('[EMAIL PROTECTED]', 'subscription_1'); > $this->Acl->deny('[EMAIL PROTECTED]', 'subscription_2'); > > This is based on the example code from the manual: > > $this->Acl->deny('Abraham Lincoln', 'United States Army'); > > > Is this known behavior, or is it a bug? Or am I missing something ... > > I have had a look through the ACL code, but can't see why the deny > wouldn't work. > > Any feedback would be much appreciated. > > Regards, > Langdon > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---