0
votes

I want to control access for unregisteres/unlogged users using Acl - i've setup it , tested it's working i can create new groups , users, add user to group and setup group premissions for specific controller actions

I've created usergroup called unregistered and user called temp but have no idea how to assign (map) unlogged person who entered the page to that user and group ?

2

2 Answers

0
votes

Why would you specify the default allow rule in the ACL structure?

Suppose you want to allow anonymous access to the following actions: register, about, someotherpage

And you want to control access via ACLs to: edit, reply, profile

In the Auth component, you can set the Auth::allow property, which specifies different controller actions that you want to allow everyone (logged in and non-logged in users alike) access to. So, in your controller (can either be AppController to apply globally, or SpecificController to apply only to that controller), specify (usually in the Controller::beforeFilter() method):

$this->Auth->allow = array( 'register', 'about', 'someotherpage' );

Then Auth will only restrict access to the other pages. This should be much simpler than what you were trying to do, assuming that I read you question correctly.

HTH!

0
votes

You're on the right track - you have defined an "anonymous" user and group. The next step you need to do is to automatically log in any anonymous user as the "anonymous" user (it sounds stupid, but trust me). That way you can set up the ACL permissions in the tables just as if they were a registered user.

@Travis Leleu - The tables for auth already exist, to define the permissions for registered users/groups, so why have a second, separate table for non-registered, anonymous users?