Sunday, January 2, 2011

Re: Acl and bindNode

Using bindNode does not have any effect on the aros table for me
either (Cake 1.3.6), and user registers are still created, but I have
realized that it has an impact on some of the ACL lookup queries:

With bindNode:

SELECT `Aro`.`id`, `Aro`.`parent_id`, `Aro`.`model`,
`Aro`.`foreign_key`, `Aro`.`alias` FROM `aros` AS `Aro` LEFT JOIN
`aros` AS `Aro0` ON (`Aro`.`lft` <= `Aro0`.`lft` AND `Aro`.`rght` >=
`Aro0`.`rght`) WHERE `Aro0`.`model` = 'Role' AND `Aro0`.`foreign_key`
= 1 ORDER BY `Aro`.`lft` DESC

SELECT `Aco`.`id`, `Aco`.`parent_id`, `Aco`.`model`,
`Aco`.`foreign_key`, `Aco`.`alias` FROM `acos` AS `Aco` LEFT JOIN
`acos` AS `Aco0` ON (`Aco0`.`alias` = 'controllers') LEFT JOIN `acos`
AS `Aco1` ON (`Aco1`.`lft` > `Aco0`.`lft` AND `Aco1`.`rght` <
`Aco0`.`rght` AND `Aco1`.`alias` = 'Users' AND `Aco0`.`id` =
`Aco1`.`parent_id`) LEFT JOIN `acos` AS `Aco2` ON (`Aco2`.`lft` >
`Aco1`.`lft` AND `Aco2`.`rght` < `Aco1`.`rght` AND `Aco2`.`alias` =
'index' AND `Aco1`.`id` = `Aco2`.`parent_id`) WHERE ((`Aco`.`lft` <=
`Aco0`.`lft` AND `Aco`.`rght` >= `Aco0`.`rght`) OR (`Aco`.`lft` <=
`Aco2`.`lft` AND `Aco`.`rght` >= `Aco2`.`rght`)) ORDER BY `Aco`.`lft`
DESC

Without bindNode:

SELECT `Aro`.`id`, `Aro`.`parent_id`, `Aro`.`model`,
`Aro`.`foreign_key`, `Aro`.`alias` FROM `aros` AS `Aro` LEFT JOIN
`aros` AS `Aro0` ON (`Aro`.`lft` <= `Aro0`.`lft` AND `Aro`.`rght` >=
`Aro0`.`rght`) WHERE `Aro0`.`model` = 'User' AND `Aro0`.`foreign_key`
= 1 ORDER BY `Aro`.`lft` DESC

SELECT `Aco`.`id`, `Aco`.`parent_id`, `Aco`.`model`,
`Aco`.`foreign_key`, `Aco`.`alias` FROM `acos` AS `Aco` LEFT JOIN
`acos` AS `Aco0` ON (`Aco0`.`alias` = 'controllers') LEFT JOIN `acos`
AS `Aco1` ON (`Aco1`.`lft` > `Aco0`.`lft` AND `Aco1`.`rght` <
`Aco0`.`rght` AND `Aco1`.`alias` = 'Users' AND `Aco0`.`id` =
`Aco1`.`parent_id`) LEFT JOIN `acos` AS `Aco2` ON (`Aco2`.`lft` >
`Aco1`.`lft` AND `Aco2`.`rght` < `Aco1`.`rght` AND `Aco2`.`alias` =
'index' AND `Aco1`.`id` = `Aco2`.`parent_id`) WHERE ((`Aco`.`lft` <=
`Aco0`.`lft` AND `Aco`.`rght` >= `Aco0`.`rght`) OR (`Aco`.`lft` <=
`Aco2`.`lft` AND `Aco`.`rght` >= `Aco2`.`rght`)) ORDER BY `Aco`.`lft`
DESC


In the first query, using bindNode, it's searching on the group (role in
my case) and not the individual user, but the second query is still
using the User model... Also, I have been unable to find documentation
about the bindNode function in the API docs.

Regards


On 8 Dec 2010, 17:32, nachopitt <nachop...@gmail.com> wrote:
> Hi Soichi. I think the problem seems to be that you are using the Acl
> Component instead of the Acl Behavior. The code will be only executed
> if your User model has the ACL Behavior attached to it. The ACL
> Component has another purpose.
>
> On 7 Dec, 14:03, Soichi Hayashi <soic...@gmail.com> wrote:
>
> > Hi. I started using CakePHP 3 days ago, and I am using Cake 1.3.6. I
> > am having the same problem reported in this thread.
>
> > I have following in my User model
>
> >         // make ACL group only (http://book.cakephp.org/view/1547/Acts-As-a-Requester)
> >         function bindNode($user) {
> >             return array('Group' => array('id' => $user['User']['group_id']));
> >         }
>
> > When I add a new user, it's adding a new User model record in aros
> > table. I've patched db_acl as parallel32 suggests, but it's still
> > adding User model records when I add new users.
>
> > I've also noticed that bindNode() doesn't seem to be called at all
> > (I've put exit in it, but it doesn't seem to affect the behavior of
> > the app at all). I have following in my app_controller.php
>
> >         var $components = array('Acl');
>
> > Is there something else that I need to do to make group-only
> > authorization work?
>
> > Soichi
>
> > On Nov 27, 8:55 am, parallel32 <paralle...@gmail.com> wrote:
>
> > > A very minor change to the core, but you're right nutesco it would
> > > break upgrades.  So far the fix is holding steady on my deployments so
> > > I'm going to submit it as a bug and perhaps they can permanently fix
> > > it for the next release.
>
> > > If anyone has a userland fix that would be even better in case it
> > > takes a while to fix the core.
>
> > > On Nov 23, 4:38 pm, netusco <ernestcon...@gmail.com> wrote:
>
> > > > I just had the same problem, it really looks like a bug on cakephp...
>
> > > > It was working when ids of groups were the same as ids of aros, but
> > > > not working when different.
>
> > > > I agree with parallel 32 but I would prefer not to use his approach as
> > > > it would break in any upgrading...
>
> > > > Is there anyone who could get a light on this issue?
>
> > > > thanks
>
> > > > On Nov 22, 8:37 pm, Jeremy Burns | Class Outfit
>
> > > > <jeremybu...@classoutfit.com> wrote:
> > > > > See the previous reply in this thread that arrived yesterday - haven't followed it through yet.
>
> > > > > Jeremy Burns
> > > > > Class Outfit
>
> > > > > > jeremybu...@classoutfit.com http://www.classoutfit.com
>
> > > > > On 21 Nov 2010, at 22:49, Rajat wrote:
>
> > > > > > > I'm also facing this issue...
> > > > > > > Did you get any official updates on this?
>
> > > > > > On Nov 4, 1:34 am, Jeremy Burns | Class Outfit
> > > > > > <jeremybu...@classoutfit.com> wrote:
> > > > > >> I'm still really hoping that someone with some inside knowledge can shed a light on this for me.
>
> > > > > >> Jeremy Burns
> > > > > >> Class Outfit
>
> > > > > > >> jeremybu...@classoutfit.com http://www.classoutfit.com
>
> > > > > > >> On 1 Nov 2010, at 07:24, Jeremy Burns | Class Outfit wrote:
> > > > > > >>> Because the users table has a group_id on it.
>
> > > > > >>> Jeremy Burns
> > > > > >>> Class Outfit
>
> > > > > >>> jeremybu...@classoutfit.com
> > > > > > >>> http://www.classoutfit.com
>
> > > > > >>> On 31 Oct 2010, at 14:48, huoxito wrote:
>
> > > > > > >>>> Guess I don't get your point.
>
> > > > > > >>>> Users still must be added on Aro's table, otherwise how would your
> > > > > > >>>> system know that a user A belongs to group ALFA ?
>
> > > > > > >>>> On 29 Oct, 08:23, Jeremy Burns | Class Outfit
> > > > > >>>> <jeremybu...@classoutfit.com> wrote:
> > > > > >>>>> Anybody else got any more ideas on this? Anyone using it with success?
>
> > > > > >>>>> Jeremy Burns
> > > > > >>>>> Class Outfit
>
> > > > > >>>>> jeremybu...@classoutfit.com
> > > > > >>>>> (t) +44 (0) 208 123 3822
> > > > > >>>>> (m) +44 (0) 7973 481949
> > > > > > >>>>> Skype: jeremy_burns
> > > > > > >>>>> http://www.classoutfit.com
>
> > > > > >>>>> On 27 Oct 2010, at 17:10, Jeremy Burns | Class Outfit wrote:
>
> > > > > > >>>>>> I wish that were the case, but the guide then gives an example of the aros table, which only includes groups: http://book.cakephp.org/view/1547/Acts-As-a-Requester
>
> > > > > >>>>>> Jeremy Burns
> > > > > >>>>>> Class Outfit
>
> > > > > >>>>>> jeremybu...@classoutfit.com
> > > > > > >>>>>> http://www.classoutfit.com
>
> > > > > >>>>>> On 27 Oct 2010, at 13:41, cricket wrote:
>
> > > > > >>>>>>> On Tue, Oct 26, 2010 at 4:40 PM, Jeremy Burns
> > > > > >>>>>>> <jeremybu...@classoutfit.com> wrote:
> > > > > >>>>>>>> According to the online tutorial:
>
> > > > > >>>>>>>> "
> > > > > >>>>>>>> In case we want simplified per-group only permissions, we need to
> > > > > > >>>>>>>> implement bindNode() in User model.
>
> > > > > > >>>>>>>> function bindNode($user) {
> > > > > > >>>>>>>>   return array('Group' => array('id' => $user['User']['group_id']));
> > > > > > >>>>>>>> }
>
> > > > > >>>>>>>> This method will tell ACL to skip checking User Aro's and to check
> > > > > >>>>>>>> only Group Aro's.
> > > > > >>>>>>>> "
>
> > > > > >>>>>>>> I've done this but I'm still getting users added to the aros table.
> > > > > >>>>>>>> What am I missing?
>
> > > > > >>>>>>> I believe that's normal. Users will still be present in aros but the
> > > > > >>>>>>> point is that ACL won't /check/ User, but Group.
>
> > > > > > >>>>>>> Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
>
> > > > > > >>>>>>> You received this message because you are subscribed to the Google Groups "CakePHP" group.
> > > > > > >>>>>>> To post to this group, send email to cake-php@googlegroups.com
> > > > > > >>>>>>> To unsubscribe from this group, send email to
> > > > > > >>>>>>> cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
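
The two ARO lookups quoted in the 2 January message, run against a small nested-set aros table. This is an added example, not code from the thread or from CakePHP: the table rows, `resolve_ref` and the Python `bind_node` are constructed stand-ins, and SQLite takes the place of MySQL.

```python
import sqlite3

# ARO lookup as logged in the post; model and foreign_key become parameters.
ARO_PATH_SQL = """
SELECT Aro.id, Aro.parent_id, Aro.model, Aro.foreign_key, Aro.alias
FROM aros AS Aro
LEFT JOIN aros AS Aro0 ON (Aro.lft <= Aro0.lft AND Aro.rght >= Aro0.rght)
WHERE Aro0.model = ? AND Aro0.foreign_key = ?
ORDER BY Aro.lft DESC
"""

def build_db():
    """Constructed rows: two Role AROs, one User ARO nested under 'admins'."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE aros (id INTEGER PRIMARY KEY, parent_id INTEGER, "
               "model TEXT, foreign_key INTEGER, alias TEXT, "
               "lft INTEGER, rght INTEGER)")
    db.executemany("INSERT INTO aros VALUES (?, ?, ?, ?, ?, ?, ?)", [
        (1, None, "Role", 3, "admins", 1, 4),
        (2, 1, "User", 7, "alice", 2, 3),   # still created on registration
        (3, None, "Role", 4, "editors", 5, 6),
    ])
    return db

def bind_node(user):
    """Python rendering of the thread's bindNode(), with Role for Group."""
    return {"Role": {"id": user["User"]["role_id"]}}

def resolve_ref(user, binder=None):
    """Hypothetical stand-in: choose the (model, foreign_key) to search for."""
    if binder is None:
        return "User", user["User"]["id"]
    model, fields = next(iter(binder(user).items()))
    return model, fields["id"]

def aro_path(db, user, binder=None):
    """Return (model, foreign_key) for the matched ARO and its ancestors."""
    rows = db.execute(ARO_PATH_SQL, resolve_ref(user, binder)).fetchall()
    return [(model, fk) for _id, _parent, model, fk, _alias in rows]

if __name__ == "__main__":
    db = build_db()
    alice = {"User": {"id": 7, "role_id": 3}}   # constructed user record
    print("without bindNode:", aro_path(db, alice))
    print("with bindNode:   ", aro_path(db, alice, bind_node))
```

With the binder in place the User row is still in the table but never appears in the lookup path, so only the Role node is matched by this query.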
