I am using the CakePHP ACL component to make the site secure, but the problem is that when I try to deny a particular action, e.g. cake acl deny Group.3 Notes 'delete', it denies all the actions of the controller for that group. The aros_acos table is as follows:

    id  aro_id  aco_id  _create  _read  _update  _delete
    1   1       1       1        1      1        1
    2   2       10      1        1      1        1
    3   3       10      1        1      1        -1

In the above table, the third row's aro_id points to Group 3 and its aco_id points to the Notes controller.

What might be the problem?

+1  A: 

I don't have access to my implementations at the moment, so this is from memory:

The crud settings in the acos_aros table don't map onto or control access to methods/functions/actions as such. It is the actual row in the table that does that. There will be a row for every permutation of Aro -> Aco that you have defined - they do not necessarily exist by default.

Hence the entry (row) for Administrators:AdminUser_1 => Posts::delete will be a bunch of 1s, 0s or -1s. Set all four numbers to 1 for access or -1 for deny.

I made this easier by building a (huge) matrix of checkboxes for each group, controller & action.

To summarise this, to turn on delete for a user:

  1. Find the corresponding row in the acos_aros table
  2. Set all four _create, _read, _update, _delete to 1

e.g.

(3087, 1, 1314, '1', '1', '1', '1'), // allow

(3086, 1, 1313, '-1', '-1', '-1', '-1') // deny
Leo
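The behaviour described in the answer above, as an added example that is not part of the original answer and is not CakePHP's own code: a simplified plain-PHP model of a per-action ACL check that requires all four permission columns to be allowed. It assumes the application checks each controller action as its own ACO with the wildcard action `*`; the ACO ids 11 and 12, the `index` action and the function names are constructed for illustration.

```php
<?php
// Simplified model of a wildcard ('*') ACL check over aros_acos-style rows.
// Illustration only: not CakePHP code. ACO ids 11/12 and 'index' are constructed.

const KEYS = ['_create', '_read', '_update', '_delete'];

// ACO tree: id => [parent id, alias]. 10 = Notes controller (from the question).
$acos = [10 => [null, 'Notes'], 11 => [10, 'index'], 12 => [10, 'delete']];

/** ACO ids from the requested node up to the root, most specific first. */
function acoPath(array $acos, int $id): array
{
    $path = [];
    for ($cur = $id; $cur !== null; $cur = $acos[$cur][0]) {
        $path[] = $cur;
    }
    return $path;
}

/** Wildcard check for one ARO: any -1 on the path denies, all four 1s allow. */
function checkAll(array $acos, array $rows, int $acoId): bool
{
    $inherited = [];
    foreach (acoPath($acos, $acoId) as $id) {
        if (!isset($rows[$id])) {
            continue;                      // no row for this ARO/ACO pair
        }
        foreach (KEYS as $i => $key) {
            if ($rows[$id][$i] === -1) {
                return false;              // a single -1 denies the whole check
            }
            if ($rows[$id][$i] === 1) {
                $inherited[$key] = 1;
            }
        }
        if (count($inherited) === count(KEYS)) {
            return true;
        }
    }
    return false;                          // nothing granted: deny by default
}

// Group 3 as in the question: one row on the Notes controller, _delete = -1.
$asAsked = [10 => [1, 1, 1, -1]];
// Per-action rows as the answer suggests: allow Notes, deny only Notes/delete.
$perAction = [10 => [1, 1, 1, 1], 12 => [-1, -1, -1, -1]];

foreach (['question' => $asAsked, 'per-action' => $perAction] as $label => $rows) {
    foreach ([11, 12] as $aco) {
        $result = checkAll($acos, $rows, $aco) ? 'allow' : 'deny';
        echo "$label Notes/{$acos[$aco][1]}: $result\n";
    }
}
```

With the question's single row every action under Notes is denied, while the per-action rows deny only `delete`.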