I want to have two branches on my AROs tree.
One is for a typical controllers/actions authorization systems. It
works perfectly.
The second one is for a "privileges" based authorization inside
actions. For example: I want to allow two groups access to the same
action, but one group can edit all records, and the other group only
can access their own.
I have a "privileges" root node, but I'm not sure on how to name
aliases for children Aros. For example:
EditAllRecords or privileges/EditAllRecords
and how to check permissions
$this->Acl->allow($user, 'EditAllRecords');
or
$this->Acl->allow($user, 'privileges/EditAllRecords');
Actually, I have Aros in the first form (EditAllRecords), but the ACL-
>check doesn't work well,
in the second form triggers an error DbAcl::check() - Failed ARO/ACO
node lookup in permissions check,
in the first form Acl->check seems unable to find the right aro.
So, how must I name my Aco aliases? or Is a better approach to this
kind of setup? Thanks
--
Fran Iglesias
frankie@buabua.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment