Correcting issue with permissions being incorrectly overwritten in ACL, fixes #4190

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6651 3807eeeb-6ff5-0310-8944-8be069107fe0
2024-11-15 11:28:25 +00:00 · 2008-04-10 13:19:10 +00:00 · 2008-04-10 13:19:10 +00:00 · a89beea029
commit a89beea029
parent 7e68ab152c
2 changed files with 75 additions and 120 deletions
--- a/cake/libs/controller/components/acl.php
+++ b/cake/libs/controller/components/acl.php
@ -388,8 +388,10 @@ class DB_ACL extends AclBase {
 		if ($perms['link'] != null && count($perms['link']) > 0) {
 			$save['id'] = $perms['link'][0][$this->Aro->Permission->alias]['id'];
 		} else {
 			$save['id'] = null;
 		}
-		return ($this->Aro->Permission->create($save) && $this->Aro->Permission->save());
+		return ($this->Aro->Permission->save($save) !== false);
 	}
 /**
 * Deny access for $aro to action $action in $aco
--- a/cake/tests/cases/libs/controller/components/acl.test.php
+++ b/cake/tests/cases/libs/controller/components/acl.test.php
@ -117,178 +117,130 @@ class AclComponentTest extends CakeTestCase {
 	function testAclCreate() {
 		$this->Acl->Aro->create(array('alias' => 'Global'));
-		$result = $this->Acl->Aro->save();
+		$this->assertTrue($this->Acl->Aro->save());
 		$this->assertTrue($result);
 		$parent = $this->Acl->Aro->id;
 		$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Account'));
-		$result = $this->Acl->Aro->save();
+		$this->assertTrue($this->Acl->Aro->save());
 		$this->assertTrue($result);
 		$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Manager'));
-		$result = $this->Acl->Aro->save();
+		$this->assertTrue($this->Acl->Aro->save());
 		$this->assertTrue($result);
 		$parent = $this->Acl->Aro->id;
 		$this->Acl->Aro->create(array('parent_id' => $parent, 'alias' => 'Secretary'));
-		$result = $this->Acl->Aro->save();
+		$this->assertTrue($this->Acl->Aro->save());
 		$this->assertTrue($result);
 		$this->Acl->Aco->create(array('alias' => 'Reports'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
 		$report = $this->Acl->Aco->id;
-		$this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Accounts'));
+		$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Accounts'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
 		$account = $this->Acl->Aco->id;
-		$this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Contacts'));
+		$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Contacts'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Messages'));
+		$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Messages'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'MonthView'));
+		$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'MonthView'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Links'));
+		$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Links'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $account, 'alias'=>'Numbers'));
+		$this->Acl->Aco->create(array('parent_id' => $account, 'alias' => 'Numbers'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'QuickStats'));
+		$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'QuickStats'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
-		$this->Acl->Aco->create(array('parent_id' => $report, 'alias'=>'Bills'));
+		$this->Acl->Aco->create(array('parent_id' => $report, 'alias' => 'Bills'));
-		$result = $this->Acl->Aco->save();
+		$this->assertTrue($this->Acl->Aco->save());
 		$this->assertTrue($result);
 	}
 	function testDbAclAllow() {
-		$result = $this->Acl->allow('Manager', 'Reports', array('read','delete','update'));
+		$this->assertTrue($this->Acl->allow('Manager', 'Reports', array('read', 'delete', 'update')));
 		$this->assertTrue($result);
-		$result = $this->Acl->check('Manager', 'Reports', 'create');
+		$this->assertFalse($this->Acl->check('Manager', 'Reports', 'create'));
-		$this->assertFalse($result);
+		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'create'));
-		$result = $this->Acl->check('Secretary', 'Links', 'create');
+		$this->assertTrue($this->Acl->allow('Secretary', 'Links', array('create')));
 		$this->assertFalse($result);
-		$result = $this->Acl->allow('Secretary', 'Links', array('create'));
+		$this->assertFalse($this->Acl->check('Manager', 'Reports', 'create'));
-		$this->assertTrue($result);
+		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
 		$result = $this->Acl->check('Manager', 'Reports', 'create');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Secretary', 'Links', 'create');
 		$this->assertTrue($result);
 	}
 	function testDbAclCheck() {
-		$result = $this->Acl->check('Secretary','Links','read');
+		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'read'));
-		$this->assertTrue($result);
+		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'delete'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'update'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', '*'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
 		$this->assertTrue($this->Acl->check('Manager', 'Links', 'read'));
 		$this->assertTrue($this->Acl->check('Manager', 'Links', 'delete'));
 		$this->assertFalse($this->Acl->check('Manager', 'Links', 'create'));
 		$this->assertFalse($this->Acl->check('Account', 'Links', 'read'));
-		$result = $this->Acl->check('Secretary','Links','delete');
+		$this->assertTrue($this->Acl->allow('Global', 'Reports', 'read'));
 		$this->assertTrue($result);
-		$result = $this->Acl->check('Secretary','Links','update');
+		$this->assertFalse($this->Acl->check('Account', 'Reports', 'create'));
-		$this->assertTrue($result);
+		$this->assertTrue($this->Acl->check('Account', 'Reports', 'read'));
 		$this->assertFalse($this->Acl->check('Account', 'Reports', 'update'));
 		$this->assertFalse($this->Acl->check('Account', 'Reports', 'delete'));
-		$result = $this->Acl->check('Secretary','Links','create');
+		$this->assertFalse($this->Acl->check('Account', 'Links', 'create'));
-		$this->assertTrue($result);
+		$this->assertFalse($this->Acl->check('Account', 'Links', 'update'));
 		$this->assertFalse($this->Acl->check('Account', 'Links', 'delete'));
-		$result = $this->Acl->check('Secretary','Links','*');
+		$this->assertTrue($this->Acl->allow('Global', 'Reports'));
 		$this->assertTrue($result);
-		$result = $this->Acl->check('Secretary','Links','create');
+		$this->assertTrue($this->Acl->check('Account', 'Links', 'read'));
 		$this->assertTrue($result);
 		$result = $this->Acl->check('Manager','Links','read');
 		$this->assertTrue($result);
 		$result = $this->Acl->check('Manager','Links','delete');
 		$this->assertTrue($result);
 		$result = $this->Acl->check('Manager','Links','create');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Account','Links','read');
 		$this->assertFalse($result);
 		$result = $this->Acl->allow('Global','Reports', 'read');
 		$this->assertTrue($result);
 		$result = $this->Acl->check('Account','Links','create');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Account','Links','update');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Account','Links','delete');
 		$this->assertFalse($result);
 		$result = $this->Acl->allow('Global','Reports');
 		$this->assertTrue($result);
 		$result = $this->Acl->check('Account','Links','read');
 		$this->assertTrue($result);
 	}
 	function testDbAclDeny() {
-		$result = $this->Acl->check('Secretary', 'Links', 'delete');
+		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'delete'));
 		$this->assertTrue($result);
-		$this->Acl->allow('Secretary','Links','read');
+		$this->Acl->allow('Secretary', 'Links', 'read');
 		$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary')));
-		$expected = array('id' => '2', 'aro_id' => '4', 'aco_id' => '15', '_create' => '1', '_read' => '1', '_update' => '', '_delete' => '');
+		$expected = array('id' => '2', 'aro_id' => '4', 'aco_id' => '15', '_create' => '1', '_read' => '1', '_update' => '0', '_delete' => '0');
 		$this->assertEqual($result[0]['PermissionTest'], $expected);
-		$this->Acl->deny('Secretary','Links','delete');
+		$this->Acl->deny('Secretary', 'Links', 'delete');
 		$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary')));
 		$expected['_delete'] = '-1';
 		$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Secretary')));
 		$this->assertEqual($result[0]['PermissionTest'], $expected);
-		$result = $this->Acl->check('Secretary','Links','delete');
+		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'delete'));
-		$this->assertFalse($result);
+		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'read'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'create'));
 		$this->assertTrue($this->Acl->check('Secretary', 'Links', 'update'));
-		$result = $this->Acl->check('Secretary','Links','read');
+		$this->Acl->deny('Secretary', 'Links', '*');
 		$this->assertTrue($result);
-		$result = $this->Acl->check('Secretary','Links','create');
+		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'delete'));
-		$this->assertTrue($result);
+		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'read'));
 		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'create'));
 		$this->assertFalse($this->Acl->check('Secretary', 'Links', 'update'));
 		$this->assertFalse($this->Acl->check('Secretary', 'Links'));
-		$result = $this->Acl->check('Secretary','Links','update');
+		$this->Acl->Aro->create(array('alias' => 'Tele'));
-		$this->assertTrue($result);
+		$this->assertTrue($this->Acl->Aro->save());
-		$this->Acl->deny('Secretary','Links', '*');
+		$this->Acl->Aco->create(array('alias' => 'Tobies'));
 		$this->assertTrue($this->Acl->Aco->save());
-		$result = $this->Acl->check('Secretary','Links','delete');
+		$this->Acl->allow('Tele', 'Tobies', array('read', 'update', 'delete'));
-		$this->assertFalse($result);
+		$this->Acl->deny('Tele', 'Tobies', array('delete'));
-
+		$result = $this->Acl->Aro->Permission->find('all', array('conditions' => array('AroTest.alias' => 'Tele')));
-		$result = $this->Acl->check('Secretary','Links','read');
+		$expected = array('id' => '4', 'aro_id' => '5', 'aco_id' => '19', '_create' => '0', '_read' => '1', '_update' => '1', '_delete' => '-1');
-		$this->assertFalse($result);
+		$this->assertEqual($result[0]['PermissionTest'], $expected);
 		$result = $this->Acl->check('Secretary','Links','create');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Secretary','Links','update');
 		$this->assertFalse($result);
 		$result = $this->Acl->check('Secretary','Links');
 		$this->assertFalse($result);
 	}
 	function testAclNodeLookup() {
@ -299,6 +251,7 @@ class AclComponentTest extends CakeTestCase {
 			array('AroTest' => array('id' => '1', 'parent_id' => null, 'model' => null, 'foreign_key' => null, 'alias' => 'Global'))
 		);
 		$this->assertEqual($result, $expected);
 		//die('Working');
 	}
 	function tearDown() {