acl

Rails - ACL9 caching in session

Hey, I implemented authentication with Authlogic and authorization with Acl9. Now I'm trying to avoid multiple hits to database to check if user is admin by keeping this in the session. What I thought is that this code should work: class ApplicationController < ActionController::Base ... helper_method :current_user_session, :curre...

Custom data forms in CakePHP

I'm building a controller to manage group based ACL in CakePHP and when I create or edit a group I want to be able to select what permissions it has. The group data table only stores a group ID and a group Name as the permissions are stored in the ACO/ARO table. I have an array from the ACO that I want to turn into a set of checkboxes s...

Image display permissions in PHP/Apache

I have a PHP site with a login system, and am trying to make a feature where only specific usernames can view particular images. I think what I'm trying to do is more involved than merely changing the .htaccess file, because a) this won't help discern between users that are/aren't allowed to view the image, and b) if someone enters the e...

Reading Windows ACLs from Java

From within a Java program, I want to be able to list out the Windows users and groups who have permission to read a given file. Java has no built-in ability to read the Windows ACL information out (at least until Java 7), so I'm looking for other solutions. Are there any third party libraries available which can provide direct access t...

Good ACL implementation in Java

Hi All. I'm implementing a web based document management system and I'd like to implement ACLs in my system. My formal requirements are hierarchical permissions (documents inherit permissions from their folders) user groups (users can dynamically create groups and associate users with groups). Such groups can have permissions on objects i...

Any good examples/references implementing ACLs via SQL?

I currently have a web-application that implements a rudimentary form of ACL using UNIONs in mysql, but it's somewhat limited, and doesn't necessarily scale that well. I'm interested in any alternative ACL algorithms that could be implemented efficiently in SQL. Thanks! ...

Is CakePHP's ACL capable of handling users belonging to many groups?

Hi, is CakePHP's ACL component capable of handling users belonging to many groups? Thanks! ...

What is the best way to pre-filter user access for sqlalchemy queries?

I have been looking at the sqlalchemy recipes on their wiki, but don't know which one is best to implement what I am trying to do. Every row in my tables has a user_id associated with it. Right now, for every query, I queried by the id of the user that's currently logged in, then query by the criteria I am interested in. My conce...

Difference between array('Acl' => array('type' => 'requester')) and array('Acl' => 'requester') in CakePHP?

I'm following the ACL tutorial for CakePHP 1.3 and I was wondering if there is a functional difference between declaring a behavior like this: var $actsAs = array('Acl' => 'requester'); and like this: var $actsAs = array('Acl' => array('type' => 'requester')); ...

Spring security annotations with EL -- requires debug information compiled in?

I am considering using Spring Security annotations for my application, with the EL (expression language) feature. For example: @PreAuthorize("hasPermission(#contact, 'admin')") public void deletePermission(Contact contact, Sid recipient, Permission permission); I need the EL capability because I have built my own ACL implementation. ...

ACL group structure: top down or bottom up?

I've put together an ACL permissions system into my application and I'm now wondering about how best to use it, especially in regards to user groups. In its simplest form, there will be several "role" groups ("admins", "editors", "users", etc) and all users will belong to one of these groups. My question is: in your experience, is it ...

Denying access to action with Zend ACL causes Navigation link to disappear.

I have a schedule controller with four actions: class ScheduleController extends Zend_Controller_Action { public function indexAction(){ ... } public function viewAction(){ ... } public function addAction(){ ... } public function deleteAction(){ ... } } So I've set up Zend_Navigation with an array like so: array...

How to check if a Windows file is readable/writable?

First off: I know that this isn't reliable for actually checking if I can write. I'm writing a file transfer client, and want feature parity between the "remote" and "local" file browser panes. I fully understand I will have to handle any permission related exceptions for any operation performed regardless; it's not a programming check i...

cakePHP - ACL tutorial & SQL Error: 1104

Greetings! I run into a problem/bug in production environment with SQL Error: 1104 when deploying a project secured with the ACL tutorial. The full error: SQL Error: 1104: The SELECT would examine more than MAX_JOIN_SIZE rows; check your WHERE and use SET SQL_BIG_SELECTS=1 or SET SQL_MAX_JOIN_SIZE=# if the SELECT is okay [CORE/cake/li...

Why wouldn't an S3 ACL "stick"?

We would like to set an ACL to allow access to one of our buckets with a partner account. We've tested the process on a test account and everything works fine. On our production account/buckets, however, we can set the ACL and see the update but as soon as we attempt to access the bucket from the other account we get a forbidden response...

CakePHP ACL use case(s)

I have got a simple web app in development, I want to establish a couple of user groups; Admin, Doctors & Patients. Each group would have their access restricted to particular controller actions rather than individual content. So for example, Doctors can view patient records (index & view actions), but cannot delete them. Usually I wou...

You need permission to perform this action

I have a FAT32 USB flash drive. When I want to delete a file, the message shows "you need permission to perform this action", access is denied. cacls doesn't work because the drive is FAT32 (meaning access control lists are not supported in FAT32). The file is hidden and the file attribute is HS. How can I delete the file? I can't change the file attribute ...

CakePHP w/ ACL: Best practice for many groups is routing?

I'm working on an app that will have 6 ARO groups in order to cover the required permissions spectrum. Is it really best practice to have *_add, *_edit, *_index, *_view, etc. methods for each? That seems like a bit of code overload and maintenance headache. The "cheapest" way I can imagine to handle it with routing is something like: ...

ACL and symbolic link problem

I am setting up a nginx server. I create a user nginx for running the server. And I have some data in the home of another user, victor. I try to set the ACL to let the nginx read those data; here is what I did. The location of data: /home/victor/web/folder/folder2/folder3/data I want to let nginx read those files, so that I create...

Inno Setup and Permissions for non-admins: everyone, users, or authusers?

Should I give "modify" permissions to 'everyone' or 'users' or 'authusers' if, under UAC, I want to make data folders and files writable to non-admin users of the program? I want that basically everyone who can sit at the computer can read/write the data through the program. I've also read that using 'everyone' for modify permission can...