Monday, November 17th, 2008
Central ACL Check
With checking ACL’s, the code I use is as follows:
$info = $this->Member->read(null, $id);
// Check for permissions to edit this account
if ( !$this->Acl->check(array(’model’ => ‘Member’, ‘foreign_key’ => $this->Auth->user(’member_id’)), $info['Member']['username'], ‘update’) ) {
$this->Session->setFlash(__(’You are not allowed to edit this user. — ‘ . $this->Auth->user(’member_id’), true));
$this->redirect(array(’action’=>’index’));
}
While this works and is not that bad of an idea at all, [...]
1 Comment » - Posted in Applications, PHP by stephen
Wednesday, November 5th, 2008
ACL Implementation
After doing a few posts on Access Control Lists (ACLs), the need to look further into the implementation of ACLs in a CakePHP project could be helpful. If there are questions on setting up the ACL tri-table in the database, you can review the previous postings, or check out the CakePHP documentation. But now that [...]
No Comments » - Posted in Applications, PHP by stephen
Wednesday, August 27th, 2008
Access Control Lists (ACLs) Part 3
In the first part, the idea and theory behind an ACL was discussed. In part 2, the set up of AROs, ACOs, and ACLs via the command line was shown. Now in part three, we look at why this is so important. Because an interactive site with memberships should never be static, what happens when [...]
2 Comments » - Posted in Applications, PHP by stephen
Tuesday, August 26th, 2008
Access Control Lists (ACLs) Part 2
In my last post, I covered a little bit about what an Access Control List (ACL) was. The Cookbook provides a great more detail.
To go along with the idea of the last post, the application has a few different areas: Users who are members of groups, Groups which have users as members, and Events [...]
No Comments » - Posted in Applications, PHP by stephen
Monday, August 25th, 2008
Access Control Lists (ACLs)
Access Control Lists, or ACLs, provide a good level of access control on any site. Code bases and platforms may use a different method of instituting ACLs and I am going to go through how CakePHP 1.2.x is handling them.
First is to understand what an ACL really is. The Cookbook has a good page [...]
