ACL允許在CakePHP 2.x中不起作用的動作

Question

我有一個多步旅行請求應用程序。用戶被引導到第一步，例如localhost/intraweb/travel_requests/step/1，直到他們到達最後一步localhost/intraweb/travel_requests/step/5。我現在遇到的問題是隻有管理員可以訪問步驟和普通用戶不能。在我的情況下，用戶在我的組表中有一個ID = 10

這是怎麼了我在我的UsersController使用ACL

//allow users to do a travel request 
public function initDB() { 
$group = $this->User->Group; 
$group->id = 10; 
$this->Acl->allow($group, 'controllers/TravelRequests/step($stepNumber'); 
} 

這裏是我爲我的TravelRequestsController代碼

public function beforeRender() { 
parent::beforeRender(); 
$params = $this->Session->read('form.params'); 
$this->Auth->allow('step($stepNumber)'); 
$this->set('params', $params); 
} 

public function setup() { 
$steps = 5; 
$this->Session->write('form.params.steps', $steps); 
$this->Session->write('form.params.maxProgress', 0); 
$this->redirect(array('action' => 'step', 1)); 
} 

public function step($stepNumber) { 
if($this->Session->read('form.params.steps') != 5) { 
$this->redirect(array('action'=>'index')); 
} 

if (!file_exists(APP.'View'.DS.'TravelRequests'.DS.'step_'.$stepNumber.'.ctp')) { 
$this->redirect('/travel_requests/index'); 
} 

$maxAllowed = $this->Session->read('form.params.maxProgress') + 1; 
if ($stepNumber > $maxAllowed) { 
$this->redirect('/travel_requests/step/'.$maxAllowed); 
} else { 
$this->Session->write('form.params.currentStep', $stepNumber); 
} 
} 

做一些有一個想法，我錯過了我的代碼？

預先感謝您

Answer 1

您正在試圖讓$this->Acl->allow($group, 'controllers/TravelRequests/step($stepNumber');其中step($stepNumber不是現有的操作。

您應該改用$this->Acl->allow($group, 'controllers/TravelRequests/step')。