ACL Management Plugin

By Jeff Loiselle (phishy)
A simple, easy, AJAXY, solution for managing your access control lists.
Introduction
It has been done before. I believe both Mariano Iglesias (mariano_iglesias) and Andy Dawson (ad7six) have both created ACL plugins. But unfortunately, at the time of this writing, neither of them worked for me. So I decided to create an AJAX ACL plugin. I needed one for my current project, plus I wanted to contribute something else to CakePHP outside of the crappy Oracle DBO that I wrote a year ago; and writing a fancy new plugin is way more fun that writing data import scripts and reports for my boss.

Before I waste too much of your time, you're welcome to check out a demo here:
http://dev.newnewmedia.com/cakephp/admin/acl
If you're still with me, then I can explain how you can get this puppy working for yourself.

Requirements: Instructions for Installation
Note: At the time of this writing, CakePHP has no way of bundling images/css/js within the plugin. So if you want this thing to look pretty, you're going to have to do a little extra work.

  1. Download Prototype, drop the file directly into /app/webroot/js
  2. Download Tango Icon Library, name the folder 'tango', and put it in /app/webroot/img
  3. Checkout the ACL plugin source from svn and put the 'acl' folder in /app/plugins
  4. edit your core.php and turn on admin routing
  5. Browse to the address /admin/acl

That's it! The ACL management plugin should be installed. Usage instructions are built into the plugin, so I do not have to go on at length about it here.

If you have any questions feel free to leave comments here in the Bakery.

 

Comments 563

CakePHP Team Comments Author Comments
 

Question

1 AclController could not be found

Strange...

The first page comes ok, but I've got a "Missing controller" error by clicking on anything (Manage Aros, Manage Acos or Manage Permissions).

Error details: "You are seeing this error because controller AclController could not be found."

Could you help with this?

Thank you
Posted Nov 12, 2007 by helio ricardo
 

Comment

2 Written for CakePHP 1.2

I failed to mention that this was written for CakePHP 1.2. Is that the version you are using?
Posted Nov 14, 2007 by Jeff Loiselle
 

Comment

3 AclController could not be found

I failed to mention that this was written for CakePHP 1.2. Is that the version you are using?
Im getting the same error using the pre-beta version of 1.2.
Posted Nov 14, 2007 by Jose M. Navas
 

Comment

4 Fix the menu links

I had to fix the links as well. Here's what I did:

in ../acl/views/elements/acl_menu.ctp <div class="acl_menu">
<?php print $html->image('/tango/32x32/places/folder.png', array('align' => 'absmiddle')) ?><?php print $html->link('Acl Menu', array('controller'=>'acl','action'=>'admin_index')); ?>
<?php 
print $html->image('/tango/32x32/apps/system-users.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Aros', array('controller'=>'acl','action'=>'admin_aros')); ?>
<?php 
print $html->image('/tango/32x32/apps/preferences-system-windows.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Acos', array('controller'=>'acl','action'=>'admin_acos')); ?>
<?php 
print $html->image('/tango/32x32/emblems/emblem-readonly.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Permissions', array('controller'=>'acl','action'=>'admin_permissions')); ?>
</div>

And for the index page, ../acl/views/acl/admin_index.ctp <ul class="acl">
<li><?php print $html->image('/tango/32x32/apps/system-users.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Aros', array('controller'=>'acl','action'=>'admin_aros')); ?></li>
<li><?php print $html->image('/tango/32x32/apps/preferences-system-windows.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Acos', array('controller'=>'acl','action'=>'admin_acos')); ?></li>
<li><?php print $html->image('/tango/32x32/emblems/emblem-readonly.png', array('align' => 'absmiddle')) ?><?php print $html->link('Manage Permissions', array('controller'=>'acl','action'=>'admin_permissions')); ?></li>
</ul>

And by the way Jeff, this is a really nice plugin and I am sure it will help me in my struggling with the auth/acl mess I've run into!
Posted Nov 15, 2007 by Daniel Jansson
 

Comment

5 Database Structure

Hi, I'm a newbie to Cake and am not sure how the database is supposed to be structured. Is there a link to the SQL for the table? Much help is appreciated.
Posted Nov 15, 2007 by Wendy
 

Comment

6 use the console to initialize the tables

Hi, I'm a newbie to Cake and am not sure how the database is supposed to be structured. Is there a link to the SQL for the table? Much help is appreciated.
You'll probably want to open up a shell, cd into the cake/console directory, and run this..

./cake acl initdb
Posted Nov 16, 2007 by Jeff Loiselle
 

Comment

7 Problems installing

Hello

i did all this:

1. Download Prototype, drop the file directly into /app/webroot/js
2. Download Tango Icon Library, name the folder 'tango', and put it in /app/webroot/img
3. Checkout the ACL plugin source from svn and put the 'acl' folder in /app/plugins
4. Browse to the address /admin/acl

http://www.dev.localhost/admin/acl
"You are seeing this error because controller AdminController could not be found.

Notice: If you want to customize this error message, create app/views/errors/missing_controller.thtml.

Fatal: Create the class below in file : app/controllers/admin_controller.php

class AdminController extends AppController {
var $name = 'Admin';
}
?>"


What should I do?
Posted Nov 20, 2007 by Jonas Hartmann
 

Comment

8 turn on admin routing

sorry, i failed to mention in my tutorial that you need to turn on admin routing in your core.php config file.
Posted Nov 20, 2007 by Jeff Loiselle
 

Comment

9 json requests not returned

Hi,


I am unable to get this plugin going. The issue is that the json requests are not returned. Initially upon installing I get this error

Parse error: parse error, unexpected '&', expecting T_VARIABLE or '$' in D:\Apache2.2.4\vhosts\..\app\plugins\acl\controllers\acl_aros_controller.php on line 36


removing the & in the foreach loop, still does not mena that requests are returned.

Warning (2): Missing argument 1 for children() [CORE\html\plugins\acl\controllers\acl_aros_controller.php, line 31]

I have made the changes above with the navigation and had a general fiddle around.


php4.4.7 cake1.2 pre beta

where am I going wrong??
Posted Nov 20, 2007 by Sam Sherlock
 

Comment

10 php5

i failed to mention i wrote this for php5. i'll rework it for php4 soon. stay tuned.
Posted Nov 26, 2007 by Jeff Loiselle
 

Comment

11 Downloading plugin

The demo looks great.
Now for the silly newbie question. How do I download the plugin code from svn://newnewmedia.com/cakephp/plugins/acl ?
I haven’t come across ‘svn’ before.
Posted Dec 1, 2007 by Lance
 

Comment

12 SVN

The demo looks great.
Now for the silly newbie question. How do I download the plugin code from svn://newnewmedia.com/cakephp/plugins/acl ?
I haven’t come across ‘svn’ before.

http://tortoisesvn.tigris.org/
a pleasure to use, simple also
Posted Dec 1, 2007 by Sam Sherlock
 

Bug

13 Showstopper Bug with the ACL Management Plugin in newer revisions

After searching for the problem for 8 hours I've found the bug that causes the ACL Management Plugin to malfunction in more recent revisions ( >= 606x).

Due to the use of a deprecated function (loadModel()) the plugins JSON model isn't loaded anymore. To solve the issue you have to replace the function

loadModel('JSON');

in each of the plugins controllers with

App::import(
$type = 'Model',
$name = 'JSON',
$parent = true,
$search = array("/your/path/to/the/plugins/JSON/dir","/Add/optional/paths/at/will"),
$file = 'JSON.php',
$return = false
);

Please help by hunting down bugs in other usefull plugins. Thanks for the ACL Manager, Jeff.
Posted Dec 2, 2007 by Phillip
 

Question

14 not working for me

I have followed these instructions exactly. I can get to /admin/acl, but once I click on anything else, I am just shown this:

Missing controller

You are seeing this error because controller AclController could not be found.

Notice: If you want to customize this error message, create app\views\errors\missing_controller.ctp

Fatal: Create the class below in file: app\controllers\acl_controller.php

class AclController extends AppController {
var $name = 'Acl';
}
?>
What am I doing wrong?
Posted Dec 9, 2007 by Luke Visinoni
 

Comment

15 cake1 2 0 5875 pre beta bug for cake acl initdb

In new released version cake_1.2.0.5875-pre-beta ,

 cake acl initdb 
gives following error:

..\console\config\ not found


Can any one help me sort out this bug ??

Thanks in advance.
Posted Dec 14, 2007 by s a khan
 

Question

16 cake1 2 0 5875 pre beta bug for cake acl initdb

In new released version cake_1.2.0.5875-pre-beta ,


 cake acl initdb 
gives following error:

 ...cake\console\config  not found 
Can any one help me sort out this bug ??

Thanks in advance.
Posted Dec 14, 2007 by s a khan
 

Question

17 SVN problems

hi jeff.
I'm having problem opening the ur svn url. FYI i'm using kdesvn.
Posted Jan 8, 2008 by eavay
 

Comment

18 can be a bug

In new released version cake_1.2.0.5875-pre-beta ,


 cake acl initdb 
gives following error:

 ...cake\console\config  not found 
Can any one help me sort out this bug ??

Thanks in advance.

yes i can confirm this as well. ANYONE PLS?!
Posted Jan 29, 2008 by Rahul
 

Comment

19 cake acl initdb

apparently the command behaves differently when run from ROOT\cake\console\ AND ROOT\app\

to people facing problems. run this cmd from ROOT\app. it will issue a warning that the its deprecated and give another cmd: cake schema run create DbAcl

this will work. (ps: ur database config file should be workable)
Posted Jan 29, 2008 by Rahul
 

Comment

20 fixed but works

I got PHP 5.2, CakePHP 1.2 beta
i had to fix it adding the $name var to the controllers

var $name = 'AclAros';
var $name = 'AclAcos';
var $name = 'Acl';
var $name = 'AclPermissions';

Now it works!
Posted Feb 20, 2008 by Ariel Patino
 

Comment

21 Plugin not working correctly.

My environment:
PHP 5
CakePHP 1.2.0.6811 - Beta
Plugin
Prototype 1.5.1.1
Tango Icon Library

CalePHP is in a subdirectory "Tor".

"http://localhost/Tor/admin/acl/aros" results in the manage aros page showing but a moment later it is replaced by a broken version of the page with database debug info. If I click the "stop" button at the right time, I can catch the original manage aros page. Its almost like a redirect somewhere is activated.
Posted Mar 3, 2008 by Peter Fogg
 

Comment

22 Requires Alias

If you install this plugin, but none of your ACO/ARO records are appearing then it's probably because you're not using aliases. This plugin needs you to set an alias for it to function correctly.
Posted Mar 4, 2008 by Matt Curry
 

Comment

23 Plugin not working correctly.

Thanks for the comment. However, it turns out that what I was observing was occurring because I had the debug set to 2. Once it was changed to 1, the pages rendered correctly.
Posted Mar 4, 2008 by Peter Fogg
 

Bug

24 Not working when DB is initialized with zero records

Thanks Jeff for nice plug in .But i am having a problem . I have initialized db and there is no record yet. I am unable to create new aco / aro . Can any one help me ??? .

And one more question ! Can any one simulate a scenario on DEMO site http://dev.newnewmedia.com/cakephp/admin/acl
e.g for Post vs User/Groups such that
Post
-add
-edit
-view
-delete
-admin_add
-admin_edit
-admin_view
-admin_delete
-admin-verify
Group
(root) SuperAdmin Has all rights
/create group
/create user
/create acos/aros and permissions
Mediators - cannot delete
Users - can post /and edit his own posts




An how about if we can list controllers dynamically as acos and their actions . Is not that be good if we can create alias and keys values for the acos/and aros dynamically .

Thanks in advance for your time and knowledge .
Posted Mar 5, 2008 by s a khan
 

Question

25 please dont hit me

but i've a problem to set up the application. i get the error "Fatal error: Class 'AclAppController' not found in .... \controllers\acl_controller.php on line 3"
the acl_app_controller.php is in the app directory and the other controllers in the same named folder....
Posted Mar 9, 2008 by paulr
 

Comment

26 Tango link is broken

Google says to go here instead:
http://tango.freedesktop.org/Tango_Icon_Library
Posted Mar 19, 2008 by ambiguator
 

Comment

27 IE7 not loading AJAX dropdowns

Brilliant plugin! With minor issues works also under 1.2-alpha release.

The only biggish issue I am having is with compatibility with IE7. It doesnt load AJAX dropdowns for some reason. Any clues why? Its OK under Firefox.
Posted Apr 17, 2008 by Marek
 

Comment

28 IE problem

Loading ajax request results to the select tags doesn't work for IE, because there is restriction for texts which can be there loaded. To fix it you should put select into div and render whole div.

Please read:
http://forum.mootools.net/topic.php?id=4186#post-39085
Posted Apr 17, 2008 by Jan Szoja
 

Question

29 Broken link.

Hi Jeff Loiselle,

I tried your demo of the acl manager and want to give it a try!

But I get an error when I try to "browse" the link svn://newnewmedia.com/cakephp/plugins/acl (I use tortoise SVN)

Can you double check that the files are in place?

Regs and greets

Par
Posted May 26, 2008 by Par Schutzer
 

Comment

30 debug

Just to give others a heads up: I needed to set debug to "0" as response times were being added to the string.

To get arround it (temporarily) I used the following:

/app/plugins/views/acl/admin_aros.cpt

change:

function (transport) {
data = eval("("+transport.responseText+")");
$('aro_editor_id').value = data.id;
$('aro_editor_originalParentId').value = data.parent_id;
$('aro_editor_alias').value = data.alias;
$('aro_editor_model').value = data.model;
$('aro_editor_foreignKey').value = data.key;
$('aro_editor_create').hide();
$('aro_editor_update').show();
$('aro_editor_cancel').show();
$('aro_editor_delete').show();
indicator_hide();
}});

to:

function (transport) {
TspRsp = transport.responseText;
TspRsp = TspRsp.split(",");

idsplit = TspRsp[0].split('"');
id = idsplit[3];

aliasSplit = TspRsp[1].split('"');
alias = aliasSplit[3];

modelSplit = TspRsp[2].split('"');
model = modelSplit[3];

fkSplit = TspRsp[3].split('"');
fk = fkSplit[3];

$('aro_editor_id').value = id;
$('aro_editor_alias').value = alias;
$('aro_editor_model').value = model;
$('aro_editor_foreignKey').value = fk;
$('aro_editor_create').hide();
$('aro_editor_update').show();
$('aro_editor_cancel').show();
$('aro_editor_delete').show();
indicator_hide();
}});

Not elegant but did the trick.
Posted May 28, 2008 by Joel Hughes
 

Question

31 ACL permissions for Plugins

How do you set permissions for a plugin? Example I have Pizza plugin and Order controller. How do I set that the Pizza.Order is available only for registered customers?
Posted Jul 1, 2008 by Rachel
 

Comment

32 SVN error

hi, I downloded SVN from http://tortoisesvn.tigris.org/.

when i want to checkout then show failed.
Checkout from http://dev.newnewmedia.com/cakephp/admin/acl, revision HEAD, Fully recursive, Externals included
XML data was not well-formed
Finished!
why?
Posted Jul 9, 2008 by Anisur Rahman Alamgir
 

Comment

33 svn not http

hi, I downloded SVN from http://tortoisesvn.tigris.org/.

when i want to checkout then show failed.
Checkout from http://dev.newnewmedia.com/cakephp/admin/acl, revision HEAD, Fully recursive, Externals included
XML data was not well-formed
Finished!
why?

That's the demo, while svn repo's can be accessed via http sometimes he has his setup via the svn protocol. The correct address is svn://newnewmedia.com/cakephp/plugins/acl
Posted Aug 3, 2008 by Francis
 

Comment

34 new url for icons

Just so people know the tango project seems to have lost their domain, you can find the icons here.

http://tango.freedesktop.org/releases/
and the direct download

http://tango.freedesktop.org/releases/tango-icon-theme-0.8.1.tar.gz
Posted Aug 3, 2008 by Francis
 

Comment

35 unable to find the plugin...

Hi
it seems that I am unable to find the plugin.
copied your plugin to my app/plugins
saved prototype.js and tango icons
enabled admin routing
but it can't find it

I use acl, and tried to add an aro for it and to allow me to access: no success

Any hint? thanks!
marco
Posted Aug 5, 2008 by marco
 

Question

36 URL?

http://localhost/admin/acl does not work (Missing Controller error: "AclController");

However, http://localhost/admin/acl/acl does work. Probably because the Book says plugins should be called like /pluginname/controllername/action.
http://book.cakephp.org/view/119/Plugin-Tips
Posted Oct 24, 2008 by Brenton
 

Comment

37 Very nice ...

Looks like a good start.

I'm seeing a couple of issues when running this locally though.

My display doesn't look like your demo. I downloaded the latest from subversion, but I don't see the bits at the bottom of the page when assigning permissions (or more importantly, I have to click the lists again to see the updated permissions).

I had to copy the acl.css to my webroot/css folder to get the right CSS on the pages (this seems to sort have fixed the issue with the debug too, since now it's all nicely formatted, although the debug code still shows up in the list boxes).

Appears to me that the fix is to change the acl/views/layout/default.ctp at line 40 from:
<?php echo $html->css('acl');?> To:
<?php echo $html->css('/acl/css/acl');?>
Posted Oct 30, 2008 by Rob Weaver
 

Comment

38 Issue with AclNode

Maybe helpful.

When I tried to run the ACL admin, I ran into the following error:

Fatal error: Class 'AclNode' not found in ../app/plugins/acl/models/acl_aco.php on line 7

Adding the this piece of code to acl_aco.php and acl_aro.php solved the problem.


<?php

if (!class_exists('AclNode')) {
    
uses('model' DS 'db_acl');
}

//Model code
class AclAro extends AclNode {

}
?>
Posted Jan 27, 2009 by Thorsten Scherer
 

Comment

39 The installation could be easier

At the time of this writing, CakePHP has no way of bundling images/css/js within the plugin.
You can put the images, js and css files into de vendors directory of your plugin.

Ed
Posted Feb 8, 2009 by Ed Akos
 

Comment

40 newer version elsewhere

you can find the most updated version of this plug-in at the following URL: http://github.com/phishy/acl_plugin/tree/master
Posted Feb 14, 2009 by Travis Rowland
 

Comment

41 Missing Method in AclController

Hi,

I am having an issue while setting up CakePHP ACL Plugin.

Missing Method in AclController
Error: The action index is not defined in controller AclController

Error: Create AclController::index() in file: admin\controllers\acl_controller.php.

Could you please provide me some advice on this?

Thanks
Posted May 17, 2009 by LeeHerng
 

Question

42 Unable to checkout using Tortoise SVN, is it still available?

I have tried to checkout the given svn path.
svn://newnewmedia.com/cakephp/plugins/acl

But i get the following error..

Can't connect to host 'newnewmedia.com': No connection could be made because the target machine actively refused it.
Posted Jun 10, 2009 by M Naveed Akram
 

Comment

43 Found files

I have tried to checkout the given svn path.
svn://newnewmedia.com/cakephp/plugins/acl

But i get the following error..

Can't connect to host 'newnewmedia.com': No connection could be made because the target machine actively refused it.

I couldn't get it either. But, think he's got a copy here http://github.com/phishy
Posted Jun 25, 2009 by nfi
 

Question

44 Don't show anything

Hello,
I've just installed the plugin and initialize acl's tables in my BD with a script found here : http://www.formation-cakephp.com/32/gestion-des-droits-dacces-par-groupes-dutilisateurs-avec-acl (sorry im french) and the plugin donn't find anything and on all the plugin's page it show that there is no aros and acos.
Do someone know why ?
Posted Jun 30, 2009 by Jérôme Foray