I'm usign the ORMAuth and setting permissions to a specific user using the table *_user_permissions. But when the acl driver generate the permissions to the user, it override the actions of the permissions.
An Example: I set up this permission control.user.[list, add] and this control.banner.[edit, delete], but when the acl driver generate the cache, it generate this: control.user.[list,add] and this control.banner.[list, add].
The permission record contains an indexed array with ALL possible actions for that permission, so [0 => list,1 => add, 2 => edit, 3=> delete].
The permission join record will then contain the indexes of the selected actions for that specific join record, for example [0,1] for [list,add], and [2,3] for [edit,delete].
But the cache file still wrong {{Fuel_Cache_Properties}}{"created":1386673102,"expiration":null,"dependencies":[],"content_handler":"serialized"}{{/Fuel_Cache_Properties}}a:3:{i:0;a:1:{s:7:"control";a:2:{s:4:"user";a:2:{i:0;s:4:"list";i:1;s:3:"add";}s:6:"banner";a:2:{i:0;s:4:"list";i:1;s:3:"add";}}}i:1;a:0:{}i:2;N;}
I'm running 1.8/develop, which is virtually the same as 1.7.1, and I haven't seen this behaviour.
I'll try to setup some tests, this is specific about permissions directly assigned to a specific user? Or do you have the same issue if you assign permissions to a user via group or role membership (the join table for those works exactly the same)?
I've setup a test here using our own app framework (for which Ormauth was written), running 1.8/develop.
When I create a user, and assign him the exact same rights you mentioned above (and select the "list" action for "banner", and the "add" and "edit" actions for user), I get this in the cache, which looks right to me.
Thank you for your attention. I will try to update the fuelphp and auth package to see if the problem will fix or maybe I`m doing something wrong, I will take a look.
Donate
