Update on DbAcl ticket #2976

27 08 2007

Wow – ask and you shall recieve. Not long after I posted this, changset 5588 implemented Simons patch.

One of the things that I have noticed about DbAcl, and other people have mentioned it as well on the Google Group, is that apart from not handling non-unique aliases very well, DbAcl node lookup will fail if the url does not have the full path in the ACO tree.

For example, consider the following tree.

|_ controller1
|_ controller 2
  |_action 1

If you then access http://localhost/controller1/ everything is fine. But when you try to access http://localhost/controller1/action1 you will get errors from DbAcl something like:
Warning (512): DB_ACL::check() - Failed ACO node lookup in permissions check.

Ok so just put all the actions in the database was my first solution. That is until I realised that something like /posts/view/id is going to need an ACO for every id, which seems a bit overkill.

What I would like is for non-existent children ACOs to automatically inherit from the parent and so on. Obviously this is only suitable for ACOs based on urls.

Simon Jaillet has submitted a new patch to the the CakePHP Trac Ticket #2976. Simon describes his reasons for creating the patch in his post and goes on to describe his own ACL implementation.

The patch that Simon has submitted resolves the inheritence problem. Simon also submitted an updated test case that contains tests specifically for non-existent children. I have tested this patch against the updated test cases and on some actual applications and I highly recommend updating to the latest svn trunk (5588 at time of update).applying this patch – at least until it makes it into the core. Which I sincerely hope that it does.

Kudos to Simon Jaillet, you are my new Acl hero having solved the inheritence problem for me.




2 responses

29 08 2007
Using AuthComponent and ACL in CakePHP 1.2 « Another Cake Baker

[…] AuthComponent and ACL in CakePHP 1.2 19 07 2007 The uniqueness issues and also an issue with inheritence has been solved in changset […]

4 09 2007

Thanks for the greets 😉 !
But your first patch point me out the right direction !

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: