Comments on: Get ALL ACL permissions

By: Ken

Ken — Sun, 06 Dec 2009 09:29:11 +0000

@Neil: Yep your lead was right on!
That’s exactly what i did…

AppController::isAuthorized() is much like your “hasPermissions”.. only it returns the “in_array” of your $this->params['controller'] with $this->params['action'] – and not based on parameters sent to it.

This effectively reducded the amount of SQL’s for permissions to a single huge query upon login and eliminated the 3 queries that were ran upon each page load.
Well worth it when someone travels in the site a lot.

Thanks for everything, your blog has been a tremendous source of help!

By: Neil Crookes

Neil Crookes — Wed, 25 Nov 2009 20:27:35 +0000

@Ken, I’m sure it could. The cook book implies you could set the AuthComponent::authorize property to ‘controller’ then have a AppController::isAuthorized() method that could check the session. Let me know how you get on.

By: Ken

Ken — Wed, 25 Nov 2009 15:00:57 +0000

@Neil, Thank i got it working.. it works great!

Also, i was wondering if this can somehow be used to remove the ACL checks that are ran at each page load (The ACL SQL queries) – since we loaded all the permissions into the Session.. it is somehow possible to override the check process to try the session first?

I know the main purpose of loading them into the session is for the views, but maybe it can also be used to cut down on those queries that run on each page… thus giving this massive query even more credit

Like to hear your thoughts.

Thanks, Ken.

By: Neil Crookes

Neil Crookes — Sun, 22 Nov 2009 19:40:53 +0000

@Ken, yes it does require your User model to “actAs” ACL. The node() function requires the id property of the User model set. You could do it outside the permissions() function if you wanted.

By: Ken

Ken — Sun, 22 Nov 2009 15:00:24 +0000

Does this require your User model to “actAs” ACL (behaviour)?
I’m asking only because i’m not sure , but i see the node() function call.

Also, if it works based on the node, why do you need the $userId to be passed to the function ?

thanks,
Ken.

By: Amit Badkas

Amit Badkas — Fri, 26 Jun 2009 12:02:54 +0000

Neil,

“@mark, patch onit’s way soon, as soon as I get internet up and running in my new house.”

When will this happen? I need patch desperately too :)

Thanks in advance

By: Jordan

Jordan — Mon, 11 May 2009 18:25:57 +0000

You could just use this to get the permissions:

function permissions($userId) {
return $this->Acl->Aro->find(‘threaded’,array(‘conditions’=>array(‘Aro.foreign_key’=>$userId)));
}

It seems to be a little simpler than that huge statement

By: CakePHP Digest #9 - The One Where I Steal Everyone’s Ideas | PseudoCoder.com

Thu, 12 Mar 2009 02:42:10 +0000

[...] Crookes posted a query that will grab all the ACL permissions at once. Be warned, this query is not for the faint of heart. It feeds on three whole cows a day [...]

By: links for 2009-03-10 « Richard@Home

links for 2009-03-10 « Richard@Home — Wed, 11 Mar 2009 05:15:03 +0000

[...] Neil Crookes » Get ALL ACL permissions (tags: cakephp acl) Possibly related posts: (automatically generated)links for 2009-01-15Media types in css serve up tags for print or handheld devicesAdv. Scripting – Week 2My daily readings 05/11/2008 [...]

By: Neil Crookes

Neil Crookes — Tue, 10 Mar 2009 21:32:10 +0000

Hey Andy, cheers for the comment. I’ll check out your query as soon as I get into to work tomorrow. Looks promising though.

I know what you mean about the sentence about the self joins – what you said is what I meant – 3 self joins with full table scan for each, so the result set the where conditions are applied to is essentially, the number of records in the table to the power of the levels in the Aco hierarchy. Ouch. The work done to improve this – does it involve moving the conditions into the joins?

Any other cool stuff coming in 1.3 that you can share exclusively on my blog?