Hi all,
I started my community website without acl. Now its time to have acl
as I want to have moderators for some parts of the website.
I wrote a little controller, that assists me in putting all the aros
and acos in the db. In order for it to work i had to set the max
execution time in
Show your code where you check permissions
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
Hello,
I have been working on an app for quite a while now, and I have just
noticed that my ACL doesn't seem to be doing anything: once logged in,
all actions are allowed. I have checked through the ACL tutorial in
the manual a few times and even removed and replaced the code
snippets. I
I would like to add an admin portion to my app.
So far I have followed the Acl example in the Cookbook most of the
way.
What I don't is how the aros work.
If I create a user, how do I (or even can I) choose whether this new
user is an admin or a regular user? Or do I have to create a s
Hi,
For a project I'm implementing its CakePHP ACL-component. I'm making
use of the "CRUD"-authorization. I want to be able to specify rights
on a record specific level, but I have a feeling the core component
doesn't support this.
Therefore I've altered
Think you want to look at the tutorial at the end of the Cake book/
doco, in particular the acts as requestor stuff
http://book.cakephp.org/view/641/Simple-Acl-controlled-Application
On Jul 28, 7:04 pm, Andraž wrote:
> If I add in User model
> var $actsAs = array('Acl'=>
If I add in User model
var $actsAs = array('Acl'=>'requester');
Then I get this errors.
Warning (512): Callback parentNode() not defined in Mrartist [CORE/
cake/libs/model/behaviors/acl.php, line 62]
Warning (512): Callback parentNode() not defined in Mrcompany [CORE/
ca
I am implementing ACL for an existing site.
There is a view file , the name of the view file is edit.ctp it is
under the folder acl_aros.
This view file contains a single text box, and this value is used for
the 'alias' column in 'aros' table.
The name of the controlle
So far i have two small cake projects behind me.
In those two i have been using Auth component only for user
autentication. Now i need something like ACL and i have two models:
people and animals. Both need separate registration and i want to
start building acl component with both as users. So
Hi ,
i'm a newbie to cakePHp component.
I ahd built a cakePHP application which has a login feature.
I had not used "Auth" component but was using my custom method for
authenticating.
Now I want to use the 'Acl' component in the same appllication but i'm
unable to
Hi,
I want to control access for unregisteres/unlogged users using Acl -
i've setup it , tested it's working i can create new groups , users,
add user to group and setup group premissions for specific controller
actions
I've created usergroup called unregistered and user called t
Please see "network" messages in firebug. Internet explorer does not
function...
On 12 jul, 03:09, Turgs wrote:
> Hello
>
> I'm trying to use theACLManagementPlugin.
>
> Does anyone have any suggestions with this small issue:
>
> I can access the 'Manage AROs' page. When I go to 'Create' a new A
Hello
I'm trying to use the ACL Management Plugin.
Does anyone have any suggestions with this small issue:
I can access the 'Manage AROs' page. When I go to 'Create' a new ARO',
the little status text changes to 'Loading' (which I think is done by
AJA
Hi, I'm a relative nooob to cakephp so this may be obvious to someone
but its not hitting me in the face.
I have setup ACL, and have User and Group models acting as requestors
(so when I insert a user or group the ARO table is updated).
What I want to do is show the details of the ARO
Hello,
You can cache permissions using
http://bakery.cakephp.org/articles/view/caching-acl-permissions-with-cachedaclcomponent
Amit
http://amitrb.wordpress.com/
http://coppermine-gallery.net/
http://cheesecake-photoblog.org/
http://www.sanisoft.com/blog/author/amitbadkas
On Thu, Jul 9, 2009
Hello,
http://bakery.cakephp.org/articles/view/caching-acl-permissions-with-cachedaclcomponentis
one of the solutions to cache permissions to speed-up permission
checking
Hope this helps
Amit
http://amitrb.wordpress.com/
http://coppermine-gallery.net/
http://cheesecake-photoblog.org/
http
I am using ACL in following way
AROs Pattern
Groups > Users
ACOs Pattern
All->Controllers->Actions
Now if i check certain Action against certain group, the System make 4
queries at every execution.
So is it useful using ACl.. Can it make any prob if the application
gets heavy? Coz
I am using ACL in following way
AROs Pattern
Groups > Users
ACOs Pattern
All->Controllers->Actions
Now if i check certain Action against certain group, the System make 4
queries at every execution.
So is it useful using ACl.. Can it make any prob if the application
gets heavy? Coz
is there any sort of caching, the acl component provides by default.
and would there be any speed issue if i use acl. if so, is it possible
to optimize acl.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Ca
is there any sort of caching, the acl component provides by default.
and would there be any speed issue if i use acl. if so, is it possible
to optimize acl.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Ca
Well you can't just run that command copy + paste style. The idea was
to show how the parameters are used. Not give a concrete use.
so you could do
cake acl grant jimbo controllers '*'
or
cake acl grant barney controllers/beers/drink '*'
But simply copying and past
ication and am having an issue with one of my
> > > controllers. I get the following message in Firefox
>
> > > "Redirection limit for this URL exceeded. Unable to load the
> > > requested page. This may be caused by cookies that are blocked"
>
> > >
URL exceeded. Unable to load the
> > requested page. This may be caused by cookies that are blocked"
>
> > I have followed the cookbook tutorial Simple Acl controlled
> > Application. I haven't got this error on my other controllers so I'm
> > wondering
he following message in Firefox
>
> "Redirection limit for this URL exceeded. Unable to load the
> requested page. This may be caused by cookies that are blocked"
>
> I have followed the cookbook tutorial Simple Acl controlled
> Application. I haven't got this erro
s function:
// "controllers" is the top level (site), followed by controller,
followed by action.
function initDb() {
// we dont need a view for this action:
$this->autoRender = false;
$group =& $this->User->Group;
// Admins
k tutorial Simple Acl controlled
Application. I haven't got this error on my other controllers so I'm
wondering what has gone wrong. The error is intermittent but it is a
bit of a show stopper.
Any help you can give would be gratefully received.
B
I'm following the tutorial on ACLs and I'm stuck here:
http://book.cakephp.org/view/648/Setting-up-permissions
I'm on windows :-( and when I issue this command:
cake acl grant $aroAlias $acoAlias [create|read|update|delete|'*']
I get this error message in return: &quo
Hi Jeroen,
Basically the question you asking of course goes beyond the scope of just
acl itself and does indeed fit into the category of database synchronization
or deployment, and as far as that goes there are any number of solutions. We
have had similar situations specifically with acl of
I can't speak for others, but I don't understand the question. If
you're migrating your DB from one server to the other, why wouldn't
that include your ACL info?
Also, why do you have 'foreign_key' => 0? How can you have 0 as a foreign key?
And "Guest"
nobody know's it?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@goo
I have a development and a production envirnoment.
To keep the databases up to date for both envirnoments, migrations are
excellent.
Is there something like that for ACL permissions?
I now use a temporary function to set the permissions and the aco_sync
plugin for keeping the ACO up to date.
In
I am setting up a new app using ACL. I am using Role ,
user can only have 1 role
so User model has:
var $hasOne = array(
'Role' => array(
'className' => 'Role',
'foreignKey' => 'user_id',
'dependen
It's really weird.I can't think what is going on.
2009/6/26 DigitalDude
>
> Hey,
>
> yeah the problem with who can edit what is solved and works fine. The
> action is just usable for anyone who knows the correct url, and all
> other actions are blocked by the A
Hey,
yeah the problem with who can edit what is solved and works fine. The
action is just usable for anyone who knows the correct url, and all
other actions are blocked by the ACL unless you login into the
system.
I don't know what this is, this makes no sense at all, as all other
actions
f you use action mode you do $this->Acl->allow($aroAlias,$acoAlias);
which means $this->Acl->allow(users,scooters/edit);
So you allow users to edit any scooter,but to edit ONLY their own you do
what i post you 1st.
2009/6/26 DigitalDude
>
> Hey,
>
> it is an edit
Hey,
it is an edit action for an item, and it is similar to other ones I
have in my app and all other ones are denied for non-logged-in users
(which means, in all other actions, the ACL works fine).
I checked the controller if there were any allowedActions in the
beforeFilter and other pre
ssible for logged in users. But it isn't
> even though other actions (with parameters!) are secured by ACL and
> only viewable while logged in.
> >
>
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
&quo
other actions (with parameters!) are secured by ACL and
only viewable while logged in.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@goog
I suppose you want the http://www.myapp.com/controller/action/5 to be
accessed only with the owner of this.If this is what you might want to this
particular url will help you
http://aranworld.com/article/189/cakephp-acl-and-auth-record-level-protection-and-crud
Hope it helps,
regards Paulos
2009
Hey,
In my app I have the following ACL issue:
All actions/controllers are secured by ACL and a user should only see
pages when he is logged in. This works fine in general, but I
discovered a weird error today which is given me a headache:
When you enter the url
http://www.myapp.com
On Thu, Jun 25, 2009 at 5:13 AM, Walther wrote:
>
> You could make more then one database config item and use them on the
> required tables?
Good point. I tend to think of the DB configs as being for a specific
database. Of course, there's nothing stopping you from using the same
DB but with sepa
On Jun 25, 2:39 am, brian wrote:
> On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> > I do use prefix param for some other projects where ACL is NOT
> > utilized.
> > However, my particular concern is about ACL component, I am not sure
> > if ACL component res
You could make more then one database config item and use them on the
required tables?
On Jun 25, 2:39 am, brian wrote:
> On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> > I do use prefix param for some other projects where ACL is NOT
> > utilized.
> > However, my par
On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> I do use prefix param for some other projects where ACL is NOT
> utilized.
> However, my particular concern is about ACL component, I am not sure
> if ACL component respects $prefix param. (i.e. the sql statements to
> create a
I do use prefix param for some other projects where ACL is NOT
utilized.
However, my particular concern is about ACL component, I am not sure
if ACL component respects $prefix param. (i.e. the sql statements to
create aros and acos table do not take prefix into account).
Aslo, when we specify
On Tue, Jun 23, 2009 at 11:25 PM, zonium wrote:
>
>
> We are forced to follow some naming conventions for our tables (some
> prefix needs to be added to the table names). I am going to use ACL
> component, but I wonder if I can use different names for aros, acos
> and aco
We are forced to follow some naming conventions for our tables (some
prefix needs to be added to the table names). I am going to use ACL
component, but I wonder if I can use different names for aros, acos
and acos_aros tables (e.g adding a prefix)?
Thanks,
Zonium
hi people,
I want to build an Acl app with these details:
I want have 3 groups Admin,User_Premium,User_Guest.
So my aro tree will be something like that:
-Admin
-User_Premium
-User_Guest
And aco tree:
-controllers
-Users
-add
-view
-index
-edit
-delete
-change_status
Hello peeps,
i am trying to build an Acl app for my needs and i want help.I have
read many articles in google but most off them have bugs or are
outdated.To make you understand,i want a simple authorization (i have
already install Auth and works fine for authentication) for some
actions.
First of
On Sat, Jun 13, 2009 at 6:32 PM, Luos wrote:
>
> Hello,
> i am making this tutorial:
> http://book.cakephp.org/view/645/Acts-As-a-Requester
> (http://book.cakephp.org/view/93/ACL)
>
> When im creating groups, there is nothing changing in the aro table
> (its still
Hello,
i am making this tutorial: http://book.cakephp.org/view/645/Acts-As-a-Requester
(http://book.cakephp.org/view/93/ACL)
When im creating groups, there is nothing changing in the aro table
(its still empty)
AppController:
class AppController extends Controller {
var $components = array
If you want to use a completely custom security model, you'll have to
build a completely custom set of components to support it. Unless
you're going to translate your setup into an ACL model, there isn't
much you can do.
- James
On Jun 3, 6:26 am, Jenski wrote:
> I have a d
can become extremely more flexible by having roles
and groups.
A question many people always have when reading those ACL tutorials
is... "How do I make it so a user only edits his own post"? or "How do
I make it so a user only edits certain posts"?
This is where groups would come in. Th
Well,
I see a difference between roles and groups and therefore I think it
would actually be easier to separate them. Roles are very basic and
only define the user's "level" of access. ie: the areas the user can
access. Groups, however, can be more informative. They are not only an
entity which h
On 11 Cze, 08:58, CMNAJS wrote:
> But Why we need roles and groups both? Isn't either of them is
> enough.. and fulfill the requirement..
> As We can have users under groups in AROs and assign certain ACOs to a
> group so that the usres of that group have access to those ACOs..
IMO there's one
That makes things bit clear..
But Why we need roles and groups both? Isn't either of them is
enough.. and fulfill the requirement..
As We can have users under groups in AROs and assign certain ACOs to a
group so that the usres of that group have access to those ACOs..
What you think??
And I am
To expand on this, the relations would look like this:
User belongs to Group and Role (you can to HABTM, but lets keep it
simple)
Both Group and Role are AROs
ACOs can either be areas (/posts/index/) or resources (Post.232 + CRUD
permission)
When a user access the following area - /posts/edit/23
I've read a few CakePHP ACL + Auth tutorials online and they all seem
to use the terms "groups" when they should really be using "roles".
Maybe I'm not understanding ACL correctly, but the way I see it being
used is to allow/deny access to certain areas (as oppose
Hi! I think this must be a simple question, but I am not able to find
the solution.
I have implemented an ACL + Auth user system and I would like to show
an error message for users who have not access to an action.
In the current configuration, when a user has no access by ACL, cake
just
Hi all,
I'm using the Acl component for some of my models to have CRUD
control. Now I need to filter results based on read rights to a model,
I was thinking $model->afterFind() would be a good place, but I can't
access the Acl component from within a model.
What would be a proper w
I don't know if it really matters if you change you schema to Cakes
conventions. The Models are pretty configurable if you know how to do
it.
As far the ACL there have been many posts on how to set them up. I've
explained how I set must stuff up once before. Check it out and see
if
ok, the tables are now how you suggested... what's the next step? Any
ideas?
On Jun 3, 7:40 pm, brian wrote:
> If your models/tables don't follow Cake's conventions, you're going to
> cause yourself more trouble than it's worth. Given that Cake's ACL is
>
If your models/tables don't follow Cake's conventions, you're going to
cause yourself more trouble than it's worth. Given that Cake's ACL is
already a bear to work with, I strongly suggest you get the other
stuff in order first.
On Wed, Jun 3, 2009 at 2:26 PM, Jensk
Its not the model's I'm having problems with...
it's the setting up of ACL - any ideas?
On Jun 3, 7:17 pm, brian wrote:
> You should clean up your table schema, first to get them in line with
> Cake's conventions. It'll save you lots of headaches down the road.
; - Staff
>
> Few notes:
> -Each member of staff belongs to department
> -If the Staffs logon_code appears in the manager table they are a
> Manager, otherwise they are a member of staff
> -If the staffs logon_code appears in the manager table and SystemAdmin
> is set to 1, th
Manager, otherwise they are a member of staff
-If the staffs logon_code appears in the manager table and SystemAdmin
is set to 1, they are Admin
How on earth do I go about setting ACL/Auth for this? Any ideas?
CREATE TABLE `tblStaff` (
`StaffID` int(11) NOT NULL auto_increment,
`dept_id` varchar
For my application I need a ACL with habtm.
In my book "Webentwicklung mit CakePHP" there´s only an example with a
hasMany relation.
I can't find anything I the web belonging to ACL and habtm (with the
ACL of cakePHP and no custom solutions).
For testing purposes I only have a
Try to use this: $this->Auth->allowedActions = array('login','logout',
'register').
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To un
n...
even though they are not in the beforeFilter. The odd thing is, in all my
other classes (not User) I can deny ACL priveledges and the users can't
access those views. It just doesn't work for add, edit, and index in the
user. perhaps it's because the user class actsAs ACL in t
Hi,
i've used ACL im my project and i have learned how to use that based
on link given by Delberto above. It works. You probably made something
wrong. Are you sure you deleted, in beforeFilter, the line $this->Auth-
>allowedActi
Hari,
Is there any way to create an ACL node by the console which has
model.id AND alias property also? I may do it by sql but I can not
figure out how to do it with the cake console.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to
I had actually tried this exact example for the permissions and it didn't
work...
hahmadi82 wrote:
>
> Hi,
>
> I have set up my ACL based on this tutorial:
>
> http://komunitasweb.com/2009/03/cakephp-acl-tutorial-what-and-how/
>
> This tutorial has a user manag
Hello,
Try this page. -->http://book.cakephp.org/view/648/Setting-up-
permissions
It is part of the turorial on Auth and ACL. It seems to work for me.
$group =& $this->User->Group;
$group->id = 2;
$this->Acl->deny($group, 'controllers');
Best Regards,
Del
Hi,
I have set up my ACL based on this tutorial:
http://komunitasweb.com/2009/03/cakephp-acl-tutorial-what-and-how/
This tutorial has a user management system with add, delete, index, and edit
functionality. The problem I'm having is that no matter how I set up my
aros_acos permissions
Hello everyone,
First of all, excuse my english, i will make all effort for being
clear.
I have a question about ACL and/or Groups.
I created an application with CakePHP with "Users" and "Groups".
Groups are managed by a classic TREE behavior and everything is
working fine
Hi Celso,
perhaps I could be wrong, but i think this:
GLOBAL DATABASE
User
Group
Aro
APP DATABASE
aco
aros_acos
In APP->Model file, the var $useTable is useful.
will it work?
On 14 maio, 14:38, Celso wrote:
> How create a unique ACL for multiples apps? Because we have many app
you to have groups which
don't specifically contradict other groups, combined with a "allow
then deny" or "deny then allow" you can have the muliple groups
interacting without the "no permissions" groups being read as a deny
in your ACL setup admin UI.
-Ben
On May
How create a unique ACL for multiples apps? Because we have many apps
to migrate to CakePHP, these apps actually uses a unique "ugly" auth
for all apps...
Thanks,
Celso
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Goo
I'm needing a slightly tougher method of verifying a users access.
There will be 3 tables.
Users (id,username, password)
Groups (id, group_name)
group_users (id, user_id, group_id)
I'm assuming that the acos, aros, and acos_aros tables will be used as
well, or some variation of it.
All access i
: John Andersen [mailto:j.andersen...@gmail.com]
Sent: May-14-09 3:32 AM
To: CakePHP
Subject: Re: ACL issue
Ok, I will try to look at it in between working :) ... Hopefully someone
else may know about this too, and reply to you while I am looking!
John
On May 13, 5:06 pm, "Dave Ma
Hi everyone ..
I am trying (for the first time) to implement ACL in my app. While I
think I have generally understood how to do that, from reading the
manual and different tutorials, I still have some basic questions:
1. I will need groups. So far I only have a User-model and was
planning to map
int
>
> Array
> (
> [0] => Created Aco node for apply
>
>
>
> [238] => Created Aco node for admin_edit
> )
>
> It stops at 238 but looking thru the array I can clearly see missing actions
> not in the array, check the db and nothing was cr
[mailto:j.andersen...@gmail.com]
Sent: May-13-09 3:47 AM
To: CakePHP
Subject: Re: ACL issue
Hi Dave,
Can you post the created sql statements, that may help to discover why!
MAX_JOIN_SIZE is the limit on number of records that one SELECT using JOINs
may process. As specified in the MySql forum,
?
>
>
>
> From: Dave Maharaj :: WidePixels.com [mailto:d...@widepixels.com]
> Sent: May-12-09 9:29 PM
> To: cake-php@googlegroups.com
> Subject: ACL issue
>
> Asked this before but did some more testing and the problem has come up
> again.
>
&
:: WidePixels.com [mailto:d...@widepixels.com]
Sent: May-12-09 9:29 PM
To: cake-php@googlegroups.com
Subject: ACL issue
Asked this before but did some more testing and the problem has come up
again.
When building an ACL app i followed the cookbook and initBD and buildACL
work fine. When I add tables to
Asked this before but did some more testing and the problem has come up
again.
When building an ACL app i followed the cookbook and initBD and buildACL
work fine. When I add tables to that setup and then I get MAX_JOIN error in
SQL? What would cause this? I checked mySQL settings and
I created an application using the method described in the "http://
book.cakephp.org/view/641/Simple-Acl-controlled-Application" but after
I try to log in there is an error which says, "DbAcl::allow() -
Invalid node [CORE\cake\libs\controller\components\acl.php, line 325]"
I
xing
Try providing some context around your error. You won't get much help
with such generic statements.
What does the code in the calling action's controller look like? Have
you verified the nodes you are allowing to access each other exists in
the ARO and ACO tables?
Have yo
9 am, albe wrote:
> Hi,
> I'm trying to follow the "Simple ACL" tutorial but I've got a problem
> just after the database configuration with cake bake.
> The steps I take are the following:
>
> - I copy cake code in my htdocs directory
> - I create a database wi
Faza, appreciate the help. The problem I see with your approach occurs
in your earlier example here:
>>in view i put this: (yes, I will make a helper to do it one day)
if (in_array($session->read('Auth.User.group'), array("Administrator",
"Designer"))
{
...
}
This assumes (hard-coded in the view
Hi,everyone!
I have a problem about ACL, there always a warnning like
this:
" DbAcl::allow() - Invalid node [CORE\cake\libs\controller
\components\acl.php, line 325"
who know this,please help me! thanks!
--~--~-~--~~~---~--
always have access to that item.
> Let's say then with ACL you remove that right... all the views where
> you have that hard-coded logic would then need to be updated, which is
> the problem I am trying to avoid.
>
> Ideally, ACL would be the one place to go where that is contr
Thanks Faza - but that doesn't work because that makes the assumption
in the view that the group would always have access to that item.
Let's say then with ACL you remove that right... all the views where
you have that hard-coded logic would then need to be updated, which is
the pr
Although not a best way to achieve this, but so far this is my method:
login function stores users ACL group in Auth.user.group:
$gr = $this->User->Group->findById($this->Auth->user('group_id'));
$this->Session->write('Auth.User.group', $g
I was wondering if anyone has any ideas regarding determining based on
ACL whether or not a particular user has access to a specific
controller/action pair from the view.
Currently, we use the html helper to generate links to edit actions,
etc something like the following:
link('Edit
Maybe you set something up wrong in the form or your validation. You
can put this in your view:
debug($this->validationErrors);
... just to figure out both the error and also may lead you to why the
msg is not being displayed.
On Tue, Apr 21, 2009 at 5:08 AM, albe wrote:
>
> Ok, at this point
> Ok, at this point
>
> http://book.cakephp.org/view/645/Acts-As-a-Requester
>
> I've got to "add some groups and users using the baked forms" so I
> type on my browser
>
> http://localhost/simpleacl/groups/add
>
> and I put the name of the group that I want to create on the form but
> when I hit
Ok, at this point
http://book.cakephp.org/view/645/Acts-As-a-Requester
I've got to "add some groups and users using the baked forms" so I
type on my browser
http://localhost/simpleacl/groups/add
and I put the name of the group that I want to create on the form but
when I hit submit button I se
Hi Able,
> The main problem is that, when I set the app folder's path with
>
> cake bake project
>
> it changes automatically few seconds after and it returns to be
I'm not sure, I don't use bake or the console often, and have only had
real success in a production environment, not locally.
try
; Why not work with an existing app? Eg, if you have the blog app
> working, apply ACL to the admin functions of that rather than start
> afresh.
>
> Cheers,
>
> Jon
>
> --
>
> jon bennett
> w:http://www.jben.net/
> iChat (AIM): jbendotnet Skype: jon-bennet
801 - 900 of 1996 matches
Mail list logo