Thursday, June 25, 2009

Re: Weird ACL / Auth problem: action denied, action/5 allowed - why?

Well, with a quick view of your problem, I think you should map your action editScooter using actionMap to one of the 4 actions (create, read, update, delete) and then go with crud mode. I don't think it is a problem with the parameters, because edit takes parameters too, for the id for example.
If you use action mode you do   $this->Acl->allow($aroAlias, $acoAlias);  which means   $this->Acl->allow('users', 'scooters/edit');
So you allow users to edit any scooter, but to edit ONLY their own you do what I posted to you first.

2009/6/26 DigitalDude <e.blumstengel@googlemail.com>

Hey,

it is an edit action for an item, and it is similar to other ones I
have in my app and all other ones are denied for non-logged-in users
(which means, in all other actions, the ACL works fine).

I checked the controller if there were any allowedActions in the
beforeFilter and other pre-occurring actions before the controller
action, but there were none.

My function header looks like this:

public function editScooter($shop_id = null, $scooter_id = null) {
 ....
}

So the function gets two parameters to work with, and in my ACL Table
under ACOs the editScooter-Action is listed.

When I call the action without any parameters, e.g.

http://www.myapp.com/scooters/editScooter

the ACL works fine. But the moment I put some parameters behind that
action, the ACL fails.

My ACL is defined via shell and the code of it looks like this:

$this->Acl->allow('users', 'Scooters');

Normally every controller action of the controller "Scooters" should
be secured by ACL, and this works for methods like index, add, edit,
view...

Only the editScooter action is not secured by ACL. Maybe this has to
do with the two parameters which CAN be applied to the function, but
the function also is used for modifications with one passed
parameter.

I did not change any routes, and the beforeFilter in my app_controller
has no allowedActions.

:(
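
A stand-alone model of the crud-mode check discussed in this thread, added here as an example (not code from either poster and not CakePHP's implementation): the decision depends only on the controller and the CRUD operation the action is mapped to, so editScooter gets the same answer with or without URL parameters, and unmapped actions are denied. The function name isAuthorized, the permission table, the exportAll action and the request list are constructed for illustration.

```php
<?php
// Simplified model of crud-mode authorization (hypothetical names, not CakePHP source).

// Action-to-CRUD map, extended the way the reply suggests for editScooter.
$actionMap = array(
    'index' => 'read', 'view' => 'read', 'add' => 'create',
    'edit'  => 'update', 'delete' => 'delete',
);
$actionMap['editScooter'] = 'update'; // the custom action must be mapped explicitly

// Constructed permission table: ARO alias => ACO (controller) => allowed CRUD operations.
$permissions = array(
    'users' => array('Scooters' => array('create', 'read', 'update', 'delete')),
);

// Decide on controller + action only; trailing URL parameters never affect the result.
function isAuthorized($aro, $path, $actionMap, $permissions) {
    $parts = array_values(array_filter(explode('/', $path), 'strlen'));
    if (count($parts) < 2) {
        return false; // no action in the path: deny
    }
    $controller = ucfirst($parts[0]);
    $action = $parts[1];
    if ($aro === null || !isset($actionMap[$action])) {
        return false; // anonymous user or unmapped action: fail closed
    }
    $allowed = isset($permissions[$aro][$controller]) ? $permissions[$aro][$controller] : array();
    return in_array($actionMap[$action], $allowed, true);
}

// Constructed requests: same action with and without parameters, logged in and anonymous.
$requests = array(
    array(null, '/scooters/editScooter'),
    array(null, '/scooters/editScooter/5'),
    array(null, '/scooters/editScooter/5/7'),
    array('users', '/scooters/editScooter/5/7'),
    array('users', '/scooters/exportAll'), // constructed action, not in $actionMap
);
foreach ($requests as $r) {
    list($aro, $path) = $r;
    $who = $aro === null ? 'anonymous' : $aro;
    echo str_pad($who, 10), str_pad($path, 28),
        isAuthorized($aro, $path, $actionMap, $permissions) ? "allowed\n" : "denied\n";
}
```

Running the same list of paths against the real application, once logged out and once logged in, is a quick regression check that no parameter combination changes the access decision.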




