0

我按照教程进行操作,没有收到任何错误,但 acl 允许所有用户执行所有操作。我使用 aclmanager 检查了所有权限是否正确显示。我添加了 parent::beforeFilter(); 在所有控制器中。我错过了什么吗?有人可以帮我解决这个问题吗?

这是我的 initDB 函数

public function initDB() {
$group = $this->User->Group;

$group->id = 1;
$this->Acl->allow($group, 'controllers');

$group->id = 2;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Employees');

 $group->id = 3;
$this->Acl->deny($group, 'controllers');
//we add an exit to avoid an ugly "missing views" error message
echo "all done";
 }

这是我在 appcontroller 中的 beforefilter 功能

function beforeFilter(){
$this->Auth->authorize = array(
    'Controller',
    'Actions' => array('actionPath' => 'controllers')
    );
$this->Auth->authenticate = array('Form' => array('fields' => array('username' =>          'username', 'password' => 'password')));   
 $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
$this->Auth->loginRedirect = array('controller' => 'employees', 'action' =>   'employee_list');
 }
4

1 回答 1

0

你确定你启用了acl组件吗?

检查您AppController的某个时间,例如:

public $components = array(
        'Acl',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers')
            )
        ),
        'Session'
);
于 2013-02-16T14:17:21.773 回答