rmac-is-dead-long-live-rmac/) I will tell what i have done.
1)Downloaded a fresh cakephp
2)created the users,groups tables
3)acos,aros,acos_aros ("cake schema create DbAcl" in command line)
4)Baked users and used Auth component to set up a login page
5)Placed the plugin in [path]/app/plugin/permissionable
6)Created the permission_bits table
7)Created a "contacts" table for a sample module
8)In the file [path]\app\plugins\permissionable\controllers\components
\permissionable.php I added
var $components = array('Session', 'Auth');
for calling
$users = $this->Auth->user();
Then assigned userid and groupid in
$users = $this->Auth->user();
$userId = $users['User']['id'];
$groupId = $users['User']['id'];
Permissionable::setUserId($userId);
Permissionable::setGroupId($groupId);
Permissionable::setGroupIds(array($groupId));
9)Created some groups in tree (tree component) with hierarchy
10)Now each user logged in and creates a contact the
"permission_bits" table gets filled with model,and model Id and 416
(default bits) in perms..
11)If each user logs in and he can see only his records. He can edit
and view but he can not delete his own record. If an Admin logs in he
can do all the action(delete also) on all the record including his
record..
Now what i need is..
1)Record created user (owner) can also delete his record
2)Record created user (owner) can allow other group's user below his
level to do all the action (create/update/delete/view)
I can guess that this could be done in the Behavior (\app\plugins
\permissionable\models\behaviors\permissionable.php) with correct bit
set in the callback functions. But i dont know what is the bit mask
for that. If i am wrong then please correct me and guide me how to do
that.
One more this is when a admin delets all the record the
"permission_bits" table not getting deleted..
Thanks for any help..
On Sep 26, 5:04 pm, sathyashrayan <sathyashra...@gmail.com> wrote:
> Dear group,
> After i used ACL plugin by Alaxos (http://www.alaxos.ch/blaxos/pages/
> view/plugin_acl) i wanted to have a ACL at each record level. That is,
> a user's record need not be shown to the non-Creator. I started to
> understand the concept of record level ACL from this thread.
>
> http://groups.google.com/group/cake-php/browse_frm/thread/886fe37ecbc...
>
> After downloading those code from those given links about RMAC i
> tried to implement it. But I am stuck. So i started to read that code
> (behaviour, [path]/app/plugin/permissionable/models/behaviors) i
> understood that its the callback function that does all. Especially
> the bit checking in _getPermissionQuery function. But I am still not
> clear in implementation(user end). So i studied the Auth and ACL
> component in core cake (libs) and i saw the _create,_delete (CRUD)
> permission is set in Auth. Then I understood that RMAC implementation
> is different from Core ACL which uses aros_acos table. My doubt with
> the RMAC plugin is this.. Does every record will have an extra entry
> in the permission table? Can anyone give an example of this full
> working of the RMAC code, with more than two or three model (tables)
> with tree level access (roles) including every entry in the permission
> table. Can I able to use both the ACL plugin and RMAC plugin together?
>
> I am also planing to have own interface for the ACL, both action
> level and record level. I am not sure if this will be continued since
> i work for a company and they asked so. It could be dropped any time.
> A basic layout as follows in a word docs.
>
> https://docs.google.com/document/d/1VGkvtvZk3fuST_pgn1q0sfhtvgka1NCTY...
>
> This is very basic and it could be non feasible (funny :D).
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment