Hi, I have acl working perfectly in 1.2.6. I'm trying to update my code base to 1.3.6 and I've found the following problem, which I cannot solve.
I have aros, acos, and aros_acos tables set up perfectly to work with users and groups for auth and acl. In the aros_acos table I only have group level permissions set. (no user level permissions). So for example: I have a group called administrators, and a user called admin, who is a part of the group. I have set up the ACL (aros_acos table) to allow the administrators group access to all the controllers. Now in 1.2.6, after you've properly authenticated, if you watch the sql you will see that there are 2 sql statements that check the permissions when you attempt to access a controller's action. One that checks if the user has permissions to access that action and one that checks if that user's group has permissions. In 1.3.6 only one statement executes and that is the one that checks if the user has permission. It does not check if the group the user belongs to has permission as it does in 1.2.6. So in the 1.3.6 aros_acos table If I manually put in a line for that specific user I've logged in as and give him permission to that controller it works. so is there any reason why 1.2.6 automatically checks both group and user permissions on actions and 1.3.6 only check user permission on actions? Is there a fix so that 1.3.6 or 1.3.x performs that group check? Help would be greatly appreciated I've completely run out of options and I've gone as far as I can trying to debug the core cake code. Thanks! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
