CakePHP ACL：可选的ACO节点（默认情况下允许）

Question

I'm making a CakePHP app using a modified version of database ACL.

In order to avoid having to create ACO nodes for every single controller, I would like to establish a system whereby users are allowed access to a page unless otherwise denied . This means that I don't want to create ACO nodes for controllers unless absolutely necessary.

Normally, if I fail to create an ACO node, when my isAuthorised() function performs $this->Acl->check , I get an error such as this...

Warning (512): DbAcl::check() - Failed ARO/ACO node lookup in permissions check.  Node references:
Aro: Array
(
    [model] => Role
    [foreign_key] => 1
)

I think a feasible solution would be to check if the ACO node exists before performing a $this->Acl->check command. If it doesn't exist, then it would be possible to stop it from checking permissions.

Is there a way to check out if an ACO node exists, based on the output of $this->Auth->action() (which outputs something like controllers/Members/Edit )?

My Auth ActionPath is set to 'controllers'.

Or maybe there is a better way of going about it?

I hope I have phrased my question adequately, I will ensure to clarify if not.

Thanks!

Answer 1

You can use this to check if the Aco exists.

if($this->Acl->Aco->node('controllers/Members/Edit')) {
    debug('Aco exists!');
}

Answer 2

If you want to use ACL component you must have ARO and ACO trees. Otherwise there is no sense to use that component.

I would suggest you to create a super-user for all users, allow him to access all ACO nodes, but deny specific ACO nodes. So, all users would inherit the permissions from that abstract super-user. I guess you have studied Simple Acl controlled Application tutorial , haven't you?

Another option would be to use Auth component and write your own permissions handling component. There are many tutorials how to build admin panel.

Answer 3

通过对核心ACL.php文件进行编辑来解决此问题，没有正常的解决方案。