Hi Ed,
Are you trying to say managing the actions only and sometimes it
affects your CRUD ?
I'm not en expert in this area, but giving my shot is:
Use routing? That area is strange for me.
Are you trying to hide some of the CRUD buttons for some users and not
all?
I think you can do that, I re
Hi John,
I do use a plugin to manage permissions and it seems to work quite
well
although I still prefer the shell interface for adding/removing aro/
aco
and creating permissions on the fly.
The grey area for me right now is authorizing CRUD vs. otherActions.
I know that I can use Auth->mapAction
Hi Ed,
You can customise your users permission using ACL plugin. I suggest
finding one on your own, the current one I use has a drawback when I
have over 10 groups with different permission settings. The role
permission setting stops working. However, it's still effective if I
view users roles or
I've been plugging away with Cake for some time now with extremely few
issues. I recently decided that ACL was the right choice for my app ... now
I have issues :)
I've toyed with it long enough now that I understand the concept and
mechanics of it but the issue I'm having is this:
When granting a
It's entirely possible that I may have misread or misunderstood that
example.. but it seemed to me like all the users were again in the ARO
table. Did I not read that right?
What I should really do is rephrase my question:
Is there a tutorial that would guide me on use the ACL without adding
ever
try this : http://book.cakephp.org/view/465/Understanding-How-ACL-Works
sometimes, maybe you will need to create groups for users but in those
groups there will must be some users, who have special - premium acces
...
2010/3/23 xtraorange :
> Howdy all,
>
> Maybe someone can explain this to me, be
Howdy all,
Maybe someone can explain this to me, because I'm just having trouble
understanding:
In the tutorial (http://book.cakephp.org/view/641/Simple-Acl-
controlled-Application) the author seems to be suggesting that all
users should be listed in the ARO table (and their group updated as
neede
o clear it up.
>
> Thanks,
>
> Dave
>
> -Original Message-
> From: cake-php@googlegroups.com [mailto:cake-...@googlegroups.com] On Behalf
> Of scs
> Sent: January-15-10 12:51 PM
> To: CakePHP
> Subject: Re: ACL Question
>
> Make sure you do no
I have Autho and ACL setup correctly - I believe. No issues with
logging in etc. My problem is the permissions. When I assign
permissions my aros_acos table is populated with the proper info but I
tried something a bit different and dont know which route to take.
When I run this:
$this->Acl->a
I know.
I was removing ACL from the app. It was only in app_controller but when I
removed it I was getting errors. That's all, its all good.
Thanks
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message becaus
> Yeah it was only in the app_controller, but I just dumped cache folder and
> seemed to clear it up.
If it's in AppController then all controllers inherit and will use it.
Any components you put in a specific controller are merged with
Appcontroller's, not overwritten.
j
--
jon bennett - www.
Yeah it was only in the app_controller, but I just dumped cache folder and
seemed to clear it up.
Thanks,
Dave
-Original Message-
From: cake-php@googlegroups.com [mailto:cake-...@googlegroups.com] On Behalf
Of scs
Sent: January-15-10 12:51 PM
To: CakePHP
Subject: Re: ACL Question
Make
Make sure you do not have
var $components = array('Acl');
in you app_controller or any other controllers
On Jan 14, 8:48 pm, "Dave" wrote:
> I get this error as soon as i login
>
> Could not find AclComponent. Please include Acl in Controller::$components.
> [CORE/cake/libs/controller/components/
I get this error as soon as i login
Could not find AclComponent. Please include Acl in Controller::$components.
[CORE/cake/libs/controller/components/auth.php, line 378]
Fatal error: Call to a member function check() on a non-object in
/home4/public_html/cake/libs/controller/components/auth.php
When setting up the initDB() function for routing do you set it up as
function name or url?
$this->Acl->allow($role, 'controllers/Posts/manage_index');
or
$this->Acl->allow($role, 'controllers/Posts/manage/index');
assuming "manage" is the admin routing prefix which is correct for the posts
I have 2 groups which are added by their respectful controller/model (Agent,
Scout)
So whena Agent or Scout is created in the AROS Table is shows up
id parent_id model foreign_key
alias lft rght
92 3 Scout 4
NULL104
Quick question about setting up permissions.
I am using admin routing configured to "manage" so all functions have
manage_name
now in the initDB function inthe cookbook
$this->Acl->allow($role, 'controllers/Images'); if i wanted that user to be
limited to only manage functions is this the cor
I am setting up a new app using ACL. I am using Role ,
user can only have 1 role
so User model has:
var $hasOne = array(
'Role' => array(
'className' => 'Role',
'foreignKey' => 'user_id',
'dependent' => false,
'conditions' => '',
'fields' => '',
'order' => ''
)
);
fu
On Thu, Jun 25, 2009 at 5:13 AM, Walther wrote:
>
> You could make more then one database config item and use them on the
> required tables?
Good point. I tend to think of the DB configs as being for a specific
database. Of course, there's nothing stopping you from using the same
DB but with sepa
On Jun 25, 2:39 am, brian wrote:
> On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> > I do use prefix param for some other projects where ACL is NOT
> > utilized.
> > However, my particular concern is about ACL component, I am not sure
> > if ACL component respects $prefix param. (i.e. the sq
You could make more then one database config item and use them on the
required tables?
On Jun 25, 2:39 am, brian wrote:
> On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> > I do use prefix param for some other projects where ACL is NOT
> > utilized.
> > However, my particular concern is about
On Wed, Jun 24, 2009 at 3:09 PM, zonium wrote:
>
> I do use prefix param for some other projects where ACL is NOT
> utilized.
> However, my particular concern is about ACL component, I am not sure
> if ACL component respects $prefix param. (i.e. the sql statements to
> create aros and acos table d
I do use prefix param for some other projects where ACL is NOT
utilized.
However, my particular concern is about ACL component, I am not sure
if ACL component respects $prefix param. (i.e. the sql statements to
create aros and acos table do not take prefix into account).
Aslo, when we specify $pre
On Tue, Jun 23, 2009 at 11:25 PM, zonium wrote:
>
>
> We are forced to follow some naming conventions for our tables (some
> prefix needs to be added to the table names). I am going to use ACL
> component, but I wonder if I can use different names for aros, acos
> and acos_aros tables (e.g adding
We are forced to follow some naming conventions for our tables (some
prefix needs to be added to the table names). I am going to use ACL
component, but I wonder if I can use different names for aros, acos
and acos_aros tables (e.g adding a prefix)?
Thanks,
Zonium
--~--~-~--~~-
Hi everyone ..
I am trying (for the first time) to implement ACL in my app. While I
think I have generally understood how to do that, from reading the
manual and different tutorials, I still have some basic questions:
1. I will need groups. So far I only have a User-model and was
planning to map t
I have been reading more into ACL and with help from the Cake Group it is
making more sense so I thank you!
I have a question I was hoping for some advice on.
My idea involves 2 Groups of Users which have no direct access with each
other initially.
Where say AGENTS belong to a GROUP and INVEST
I just finished setting up the AUTH and ACL as in the cookbook. Now when I
log in as any user from different groups I can access every page on the site
but I get this :
[Config] => Array
(
[userAgent] => 8edf52fc0bebeb96d0f1c90b95f1a465
[time] => 1235718036
For baked forms it means the forms autogenerated by bake. If you
haven't used bake yet, it's a command line utilities that let you auto-
generate basic models, controllers and views, starting from your db
structure. You can find more informations on the documentation.
The basic class created by ba
Hi,
I just started using cakePHP, im almost done reading through the
documents, but I was wondering something,
I was reading the example for the ACL controlled application, and on
one part it says
"
Our controllers and models are now prepped for adding some initial
data, and our Group and User
The first step you should do is to write out an example of what you
want your ARO tree to look like. I think it will then be easier for
someone to help you out.
For example, I often have a tree that looks like the following:
Superusers
Users
--Staff
John Kramer
Alex Wylde
Managers
-
Not sure I follow, does the usergroups table not join the users and
groups?
I have my ACL set up with the following HABTM:
// Link to jobs
var $hasAndBelongsToMany = array(
'Slot' =>
array(
'className' => 'Slot',
'joinTable'
Hi guys,
I'm building an application and want to controll access levels with
ACL.
I've setup the controllers and database by following the simple ACL
application tutorial in the manual.
While the example in the manual uses 2 tables: 'groups' (hasmany)
'users', which makes the implementation fair
Mark, Aran,
Is there a way to access the Acl component from within a model?
Models don't have a $uses attribute, do they?
Can I somehow else access the Acl component in a model (ie. creating
an instance with new() ?
The beforeSave() callback method would be a perfect place to check if
a user
Aran, then my apologies to you as well. The internet is a terrible
place to decipher intonation. Its easy to misconstrue a question as
complaining, and it doesn't help that I've been asked that question
10+ times.
I think that only in complicated systems should row level permissions
be impleme
Sorry for writing something that looked like griping! I was
absolutely NOT complaining about how the Auth Component works -- even
though a year ago, I did once make this complaint.
On the other hand, it is nice to have such a nicely worded explanation
of why this "feature" is not in the core cod
On Nov 20, 4:23 am, eMarcus <[EMAIL PROTECTED]> wrote:
> Hi Mark,
>
> Thanks for your answer!
>
> When you follow the conversation right from the beginning, you will
> see, that I definitly KNOW that controller/actions/id access does not
> help me and that I therefore want to use your proposed sch
Hi Mark,
Thanks for your answer!
When you follow the conversation right from the beginning, you will
see, that I definitly KNOW that controller/actions/id access does not
help me and that I therefore want to use your proposed schema of
models/records to protect my content.
However, what confuse
This can be done with the ACL but you need to do the check manually.
It may seem like a good idea to have an ACL tree that looks like
controller/action/id
but that is setting yourself up for an epic fail. If you ever need to
add an action you need to copy all the record nodes and set new
perms
s, when you plan on also using Auth
>
> > Anja
>
> > -Ursprüngliche Nachricht-
> > Von: cake-php@googlegroups.com [mailto:[EMAIL PROTECTED] Im Auftrag von
> > eMarcus
> > Gesendet: Mittwoch, 19. November 2008 15:55
> > An: CakePHP
> > Betreff
an on also using Auth
>
> Anja
>
> -Ursprüngliche Nachricht-
> Von: cake-php@googlegroups.com [mailto:[EMAIL PROTECTED] Im Auftrag von
> eMarcus
> Gesendet: Mittwoch, 19. November 2008 15:55
> An: CakePHP
> Betreff: General ACL Question
>
> Hi,
>
>
Anja
-Ursprüngliche Nachricht-
Von: cake-php@googlegroups.com [mailto:[EMAIL PROTECTED] Im Auftrag von eMarcus
Gesendet: Mittwoch, 19. November 2008 15:55
An: CakePHP
Betreff: General ACL Question
Hi,
I want to use the ACL component to control access of users to model data.
I built up
Hi,
I want to use the ACL component to control access of users to model
data.
I built up AROs, ACOs and permissions so far.
1.) does the ACL component automatically check if a user has an UPDATE
right on save operations?
2.) if not, where would be the best place to perform that check? (in a
cal
> basically in my layout ctp file, i have a navigation menu. If an Admin user
> logs in, I want the admin nav menu to appear. Otherwise, do not display the
> admin nav menu. what is the best way to do this? thanks
1. First, determine if the menu should be displayed. This depends on
how you have
basically in my layout ctp file, i have a navigation menu. If an Admin user
logs in, I want the admin nav menu to appear. Otherwise, do not display the
admin nav menu. what is the best way to do this? thanks
On Wed, Apr 9, 2008 at 4:59 PM, Dardo Sordi Bogado <[EMAIL PROTECTED]>
wrote:
>
> Probabl
Probably, I will check in the AppController::beforeFilter(); or even
better make a component.
Helpers are meant for the view, not the controller.
Given the fact that I haven't read your code, and you haven't
explained what are you trying to accomplish I can't give you further
assistance.
What I
what controller would i check in for the layout? or use helper?
On Wed, Apr 9, 2008 at 4:14 AM, Dardo Sordi Bogado <[EMAIL PROTECTED]>
wrote:
>
> You don't. Check from controller/component and pass the allowed/denied
> to the view/layout.
>
> On Wed, Apr 9, 2008 at 7:19 AM, . <[EMAIL PROTECTED]>
You don't. Check from controller/component and pass the allowed/denied
to the view/layout.
On Wed, Apr 9, 2008 at 7:19 AM, . <[EMAIL PROTECTED]> wrote:
> hi how do you check acl from the View? ie $acl->check(...) in the view,
> instead of controller. How would I check ACL from my layout? thanks
>
hi how do you check acl from the View? ie $acl->check(...) in the view,
instead of controller. How would I check ACL from my layout? thanks
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to
I think it is not right to be redirected to the referer page and
display the error message on the referer page. This is not what I
would expect when I try to access a certan page.
At first I wanted to be redirected to the login page, because I though
it is the right behavior to give the user the c
it seems to be the correct behavior:
- if you're not logged in, it redirectts you to login page
- if you're logged, it checks if you're allowed to access to
controller:
* if yes, ok
* if not, it redirects you back and tell you "access denied"
Why do you want to be redirected to login since you
Braindead - I'm wondering the same thing. Right now, as you said, it
just redirects you to the current page. Perhaps an enhancement ticket
at trac?
On Jan 29, 12:51 pm, Braindead <[EMAIL PROTECTED]> wrote:
> That's what I already did. When I'm not logged in and want to enter an
> access controll
That's what I already did. When I'm not logged in and want to enter an
access controlled controller, I'm redirected to $loginAction.
But how is it possible to be redirected to $loginAction, when I'm
already logged in, but not allowed to access a controller?
--~--~-~--~~~---
Maybe the Auth $loginAction property is what you're looking for. Set the url
of the controller that handles login (As a string or array).
Cheers,
--
Matias Lespiau
http://www.gignus.com/
On Jan 29, 2008 4:10 PM, Braindead <[EMAIL PROTECTED]> wrote:
>
> Hello group,
>
> I'm using Auth and ACL
Hello group,
I'm using Auth and ACL in Cake 1.2. It took quite a long time to get
it to work, but now everything is working, except one thing:
When I'm logged in and try to access a controller I don't have access
to, I'm redirected to the url I came from and get the message that I'm
not allowed
Thanks a milion, it works now!
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROT
Not, that is a bug in ACL component, ticket:
https://trac.cakephp.org/ticket/3851 , fixed on :
https://trac.cakephp.org/changeset/6342 . Update your cake.
On Jan 16, 2008 3:11 PM, alex.tomes <[EMAIL PROTECTED]> wrote:
>
> My situation is this: I have AROs nested: Admins and as a child of
> that S
My situation is this: I have AROs nested: Admins and as a child of
that Subadmins.
Admins has acces to a certain ACO but Subadmins is set to deny access
to that ACO
When I check Subadmins against that ACO it sais that it has access
although I set it to deny (checked in the database also, it show
Anyone any ideas? Surely ACL shouldn't be this hard?
By the way, I'm using PHP 5 and Cake 1.2.
On 31 Aug, 10:44, Paul <[EMAIL PROTECTED]> wrote:
> Hi there,
>
> I'm getting more and more frustrated withACL, so please someone help
> me before I drive myself mad! I'm sure once I'm over this last
Hi there,
I'm getting more and more frustrated with ACL, so please someone help
me before I drive myself mad! I'm sure once I'm over this last hurdle
it'll all fall into place :)
If i do this:
$this->Acl->deny($aroNode,$acoNode);
then all the _read, _update etc. fields in the aros_acos table a
Hi Nina
Glad I could be of some assistance :-)
Regards,
Langdon
Nina wrote:
> Hi Langdon
>
> Your code sent me off in the right direction, so thank you for your
> help. However I had to make substantial changes, because you code did
> not fit with my user-model (and not with the functions ava
Duh... I posted to soon, this is the function:
function _getAllowedIds ($model, $access_type) {
//this function returns a comma delimited string of id's that the
logged in user has access to in the model given.
$aro = new Aro();
// Get the username. It may be b
Hi Langdon
Your code sent me off in the right direction, so thank you for your
help. However I had to make substantial changes, because you code did
not fit with my user-model (and not with the functions avalible in
cake 1.2). Allow me to explain (for general edification):
I have a user model wh
Hi Nina
> However, what I'd like is a simple command to find all pictures that a
> given user has access to. I realize that I can find all pictures and
> check them one by one. However, this seems expensive to me (one query
> to get all pictures and then N queries to check the permissions).
> T
Hello
I would like some advice on how to tackle the following problem:
I have a cakephp acl model where I have users and pictures. Users have
access to some pictures and not to others. My aro alias is on the form
User::$user_id and the aco alias for the picture is on the form
Picture::$picture_i
65 matches
Mail list logo