Thursday, June 25, 2009

Re: Weird ACL / Auth problem: action denied, action/5 allowed - why?

I wonder what the 'action' do.It is edit,view?Tell more details about your app controller.You use crud mode or action?If you want to get access to only logged in users you must remove it from allowedActions for example,if you have it in public pages.Print some code here to see it.

2009/6/25 DigitalDude <e.blumstengel@googlemail.com>

Hey,

no I took care of that and my role-system works perfectly. I want to
restrict the access of that action to only logged in users, not for
public viewing! Everyone can see the page and this is very bad!

The action should be only accessible for logged in users. But it isn't
even though other actions (with parameters!) are secured by ACL and
only viewable while logged in.



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)