Cakephp ACL ARO_ACO
我已经在 CRM 上工作了大约 5 个月,我们即将推出它,我在 Cake 的 ACL 上遇到了一个令人筋疲力尽的问题。我在一定程度上理解了这些概念。我遇到的问题是 ARO_ACO 连接表中的 CRUD 权限。据我了解,我在给定的控制器/操作上创建权限。好吧,但我不明白为什么只拒绝 ARO_ACO 表的 CRUD 部分中的一个节点,就会完全拒绝用户访问。我有超过 200 个控制器操作,如果我要全面设置权限并且必须深度拒绝访问,这看起来完全是浪费时间。
既然每个操作都有记录,为什么“删除”操作会有 CRUD 操作呢?
例子:
1;17;1;"1";"1";"1";"1" << full access to admin group on all controllers.
15;19;14;"-1";"-1";"-1";"-1" << deny delete action on just one controller
I've been working on a CRM for about 5 months and we are about to launch it, I am having an exhausting problem with Cake's ACL. I understand the concepts to a degree. The problem I'm having is with CRUD permissions in the ARO_ACO join table. As I understand it, I create permissions on a given controller/action. That alright, but I don't understand why denying just even one node out of the CRUD portion of the ARO_ACO table, completely denies the user access. I have more than 200 controller actions, this would seem like a complete waste of time, if I were to set up permissions across the board and have to deny access that deeply.
Since every action has a record, why would a "delete" action have CRUD on that action?
Example:
1;17;1;"1";"1";"1";"1" << full access to admin group on all controllers.
15;19;14;"-1";"-1";"-1";"-1" << deny delete action on just one controller
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不幸的是,蛋糕就是这样。我遇到了类似的问题,最终使用 Alaxos ACL 插件修复了我的 ACL 问题。起初,有点麻烦,但经过几次尝试后,我成功了。
在这里查看...
Unfortunately that is how Cake is. I had a similar issue and ended up fixing my ACL problem using the Alaxos ACL plugin. At first, it was a little troublesome, but after a few attempts I got it to work.
Check it out here...