Hello friends, I am using ACL in a new web app.
In my app there are four groups of users.
I have given `$this->Auth->authorize = 'actions'` so that it will check the permission for actions automatically.

My problem is that some of the actions, such as change password, edit profile, etc.,
are common to all users.
But now I need to create a record for the permission of each user in the acos_aros table.
This is too annoying.

1) Is there any way to give permission to all types of users with a single allow statement?
2) Is there any way to allow and deny a user by checking whether a parameter is passed or not?
That means I need to give permission to pass a parameter to an action for a specific user. If any other user passes the parameter and tries to access the data, I need to deny them.

Can row-level access control be done with ACL?

Any help will be appreciated.
Thanks in advance :)

+1  A: 

Hello RSK,

1. If you put a `$this->Auth->allow('action1','action2'...)` into your `beforeFilter()` of the controller, access is granted to all users. If you need an ACL-only solution, you have to create a parent aco to which all other acos you want to allow are children. Then grant your users the rights on the parent. The ACL plugin from the bakery could come in handy, if you already have your ACL tree structure. For building the ACL tree structure the `build_acl()` script in the tutorial at the end of the cake-manual is useful.

2. Allowing to pass the parameter for all users and checking their role in the action is not an option?

Kind regards, Benjamin.

benjamin
Thanks for your response, but if I give this `$this->Auth->allow('action1','action2'...)` the actions will be available for visitors also. I need to make sure that the user is logged in :)
RSK
Ok. May I suggest that the line "to give permission to all types of user" is changed to "... to all authenticated users". Kind regards.
benjamin
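One way to set up the ACL-only approach from the answer above (a parent ACO with the shared actions as children, and the grant made on the parent), as an added example that is not code from the thread. It assumes CakePHP 1.x with `$this->Auth->authorize = 'actions'` and an action path of `controllers/`, an existing root ACO `controllers`, existing Group AROs, a hypothetical `ProfileController` holding the shared actions, a hypothetical `AclSetupController`, and hypothetical group ids 1 to 4.

```php
<?php
// Added example (CakePHP 1.x); not code from the thread.
// Assumes Auth->authorize = 'actions' with actionPath 'controllers/', an
// existing root ACO 'controllers', a hypothetical ProfileController holding
// the shared actions, and Group AROs with the hypothetical ids 1-4.
class AclSetupController extends AppController {
    var $uses = array();
    var $components = array('Acl');

    function grant_common() {
        $this->autoRender = false;
        $root = $this->Acl->Aco->find('first', array(
            'conditions' => array('Aco.alias' => 'controllers', 'Aco.parent_id' => null),
            'recursive' => -1,
        ));
        if (empty($root)) {
            $this->log('Root ACO "controllers" not found; build the ACO tree first');
            return;
        }
        // Parent ACO for the shared controller, one child ACO per action.
        $parentId = $this->_ensureAco($root['Aco']['id'], 'Profile');
        foreach (array('change_password', 'edit') as $action) {
            $this->_ensureAco($parentId, $action);
        }
        // One grant per group on the parent; the child actions inherit it.
        foreach (array(1, 2, 3, 4) as $groupId) {
            $aro = array('model' => 'Group', 'foreign_key' => $groupId);
            $this->Acl->allow($aro, 'controllers/Profile');
            // Confirm the inherited permission on a child action.
            if (!$this->Acl->check($aro, 'controllers/Profile/change_password')) {
                $this->log("Group $groupId still denied on Profile/change_password");
            }
        }
    }

    // Create the ACO under $parentId only if it is missing; return its id.
    function _ensureAco($parentId, $alias) {
        $aco = $this->Acl->Aco;
        $found = $aco->find('first', array(
            'conditions' => array('Aco.parent_id' => $parentId, 'Aco.alias' => $alias),
            'recursive' => -1,
        ));
        if ($found) {
            return $found['Aco']['id'];
        }
        $aco->create();
        $aco->save(array('parent_id' => $parentId, 'alias' => $alias));
        return $aco->id;
    }
}
```

Because the shared actions are not passed to `$this->Auth->allow()`, the Auth component still requires a login before the ACL check runs, so visitors do not reach them.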
A: 

The solution for the 2nd problem is here,
but this is not implemented using ACL :(

RSK
RSK, as this uses non-ACL components, too, a removal of 'I am expecting the answers on the basis of ACL only.' is indicated. Kind regards
benjamin
@benjamin done :D
RSK
