CakePHP 1.2 has a new AclBehavior which makes using the inbuilt ACL easier. AclBehavior makes the association between your model and the Aro (or Aco) database entry automatic. It handles the insert, updates and deletes whenever you modify your model. All that is required to use the AclBehavior is a function called parentNode().
AclBehavior can be used for creating AROs or ACOs. Any model may be an Access Request Object, but typically it is either the User model or a Group model that authorization is done on. In either case it is the same for any model you choose. AclBehavior defaults to creating AROs which is what we want. As for ACOs, usually these are controllers and/or actions, which don’t lend themselves to the AclBehavior so well.
First step is to set up your database ACL tables with
cake acl initdb
Basics
You need to include the behaviour and create a function called parentNode. This is the minimum required to use AclBehavior.
<?php
class User extends AppModel {
var $name = 'User';
var $actsAs = array('Acl');
function parentNode(){
}
}?>
What is the parentNode() function for?
It is used when you have cascading, or inherited permissions, for example a Group model. The parentNode() function must return the id of the parent Model (not the id of the parent Aro). Typically this will be the parent_id of your Model, if you are using the standard convention for trees in Cake.
<?php
class Group extends AppModel {
var $name = 'Group';
var $actsAs = array('Acl');
function parentNode(){
if (!$this->id) {
return null;
}
$data = $this->read();
if (!$data['Group']['parent_id']){
return null;
} else {
return $data['Group']['parent_id'];
}
}
}
?>
That’s it. Your model is now associated with an Aro entry in the aro table in your database.
Further Reading
Keep an eye out for my upcoming article on the Auth Component. See my post Using AuthComponent and ACL in CakePHP 1.2
Also see Groups with ACL for using groups and users together
In the meantime I highly recommend the article Access Control for all (Part 1) by AD7six
[...] AuthComponent and ACL in CakePHP 1.2 19 07 2007 So I’ve shown you how to create a User Model that can be used for ACL, but what is [...]
[...] with Groups 19 07 2007 In a previous article I explained how to use the AclBehavior to create models that can be used for [...]
With Beta version your parentNode() function seems doesn’t work. It set Aros.parent_id = null.
So I need write this parentNode() function
function parentNode(){if(!$this->data['Group']['parent_id'])
return null;
else
return array('model'=>'Group','foreign_key'=>$this->data['Group']['parent_id']);
}
[...] – Using AclBehavior in CakePHP 1.2 lemoncake.wordpress.com – Using AuthComponent and ACL in CakePHP 1.2 bakery.cakephp.org – How to [...]
Great article, just would like to note that the “cake acl initdb” command is now deprecated. People using cake 1.2 should use the following command instead:
cake schema run create DbAcl
[...] get that ID if I don’t know what it is? There is a new method that can be used and you can read about it here. However, I didn’t like that idea because it wouldn’t update the information if I [...]
[...] Using AclBehavior in CakePHP 1.2 « Another Cake Baker acl behavior (tags: acl cakephp) [...]