Hi, I've tried to upgrade to 1.7, and I get the following error:
ERROR - 2013-10-21 10:34:39 --> Warning - array_flip() expects parameter 1 to be array, null given in /***/fuel/packages/auth/classes/auth/acl/ormacl.php on line 187
This is when the actions field is set to null (example: user.create doesn't need additional actions, system.manage does (clean_db, or whatever)
I've also noted that it doesn't add any actions at all for the users' rights, so I've put back ormacl.php from 1.6.1, which works so far..
I've converted from NULL to empty serialized arrays in the DB, error is gone, but now actions are never set as actual right (licence.manage shows up, licence.manage.transfer doesn't)
If you use the supplied ORM models to access the tables (userpermission, rolepermission and grouppermission), this will be handled automatically. If you create records manually, you have to make sure all values are stored correctly.
If your permission contains a list of actions, you obviously need to assign them before you can use them
If, in your case, there is no right that assigns the action "transfer", it's logical that no user will have that right, and has_access("licence.manage.transfer") will return false.
The thing is, the rights are assigned, I've re-created all rights via the classes supplied, still no actions are visible when logged in. When i put /packages/auth/classes/auth/acl/ormacl.php from 1.6.1 it does, with 1.7 it doesn't.
There's a few things that changed in that file since 1.7, example:
code in 1.6.1:
isset($revoked_rights[$permission->area]) or $revoked_rights[$permission->area] = array(); if ( ! in_array($permission->permission, $revoked_rights[$permission->area])) { $revoked_rights[$permission->area][$permission->permission] = $role->rolepermission['['.$role->id.']['.$permission->id.']']->actions;
}
code in 1.7:
isset($revoked_rights[$permission->area][$permission->permission]) or $revoked_rights[$permission->area][$permission->permission] = array();
This is about revoked rights, so not relevant unless you're talking about that.
How do actions work?
The permission record defines the possible actions for that permission. For example: array('add', 'edit', 'delete'). The permission relation record (userpermission, rolepermission or grouppermission model) then defines which of these actions are assigned (to that user, role or group), by listing the array keys.
So if your permission assignment should give access to 'edit' only, it's action column should contain: array(1).