jmcneese / permissionable Goto Github PK

When trying to do a $this->Model->find('list'); on a model that has the permissionable beavior attached it fails with the following SQL error: (this is for a model called Location

Warning (512): SQL Error: 1051: Unknown table 'LocationPermissionBit' [CORE/cake/libs/model/datasources/dbo_source.php, line 684]
Query: SELECT `Location`.`id`, `Location`.`name`, `LocationPermissionBit`.* FROM `locations` AS `Location`   WHERE 1 = 1    

see title.

HABTM saving is not working, the record is created, the permissions are created, but the join table record isn't.

I'm trying to do this:

$this->Group->find('list');

and my SQL is coming out like this:

SELECT Group.id, Group.name, GroupPermission.* FROM groups AS Group WHERE 1 = 1

In permisssionable/models/behaviors/permissionable.php, when I debugged the $Model before and after this line of the beforeFind() function:

$this->_bind($Model, array( ... ));

the $Model did not and then did have a 'hasOne' binding to GroupPermission however for some reason it isn't being applied to the ->find('list') query.

I tried to do a $this->Group->find('all'); and that did work as expected.

I'm calling $this->Group from my users_controller where I have:

var $uses = array('User', 'Group');

I have User HABTM Group and Group HABTM User defined in the appropriate model files.

SELECT COUNT() AS count, GroupPermission., Group.id FROM groups AS Group INNER JOIN permissions AS GroupPermission ON (GroupPermission.model = 'Group' AND GroupPermission.foreignId = Group.id AND ((GroupPermission.perms & 512 <> 0) OR (((GroupPermission.perms & 64 <> 0) AND (GroupPermission.foreignId IN ('member---0123-4567-89ab-000000000002', 'member---0123-4567-89ab-000000000003')))) OR (((GroupPermission.perms & 8 <> 0) AND (GroupPermission.gid IN ('member---0123-4567-89ab-000000000002', 'member---0123-4567-89ab-000000000003')))) OR (((GroupPermission.perms & 1 <> 0) AND (GroupPermission.oid = '12345678-1111-0000-0000-venice------'))))) LEFT JOIN users AS Owner ON (Group.user_id = Owner.id) WHERE 1 = 1

SQL warning:

1140: Mixing of GROUP columns (MIN(),MAX(),COUNT(),...) with no GROUP columns is illegal if there is no GROUP BY clause

example:
$this->Model->read(null, $id)

fix:

    if (is_array($queryData['fields'])) {

        $queryData['fields'][] = "{$alias}.*";

    } elseif(!empty($queryData['fields'])) {

        $queryData['fields'] = array(
            $queryData['fields'],
            "{$alias}.*"
        );

    } else {
        $queryData['fields'] = array(
            "{$Model->alias}.*",
            "{$alias}.*"
        );

// add this line in behavior to fix
if (isset($Model->belongsTo)) {
$belongsToModels = array_keys($Model->belongsTo);
foreach( $belongsToModels as $belongsTo_alias ){
$queryData['fields'][] = $belongsTo_alias.'.*';
}
}

    }

We could really use a web ui for setting the permissions on a row. I envision a ajax interface that would be searchable and allow for multi records to be updated if possible. I'd be willing to work on this if there is enough interest in it.

• chgrp (change group owner)
• chown (change user owner)
• chmod (change permissions)

specifically for models that actAs Tree

Trying out Permissionable on a sandbox that's based on the manual's ACL-controlled app tutorial over a 1.3.2 core. I've set up the behavior on the Post model and the component on the Post controller. The post index issues this warning at the top:

SQL Error: 1054: Unknown column 'PostPermission.foreign_id' in 'on clause'

The related query is:

SELECT 
  COUNT(*) AS `count`, 
  `PostPermission`.* 

FROM `posts` AS `Post` 

LEFT JOIN `users` AS `User` 
ON (`Post`.`user_id` = `User`.`id`) 
INNER JOIN `aros_acos` AS `PostPermission` 
ON 
(
  `PostPermission`.`foreign_id` = `Post`.`id` 
  AND `PostPermission`.`model` = 'Post' 
  AND `PostPermission`.`foreign_id` = `Post`.`id` 
  AND 
  (
    (`PostPermission`.`perms` & 4 <> 0) OR (((`PostPermission`.`perms` & 32 <> 0) AND (`PostPermission`.`gid` = '3'))) OR (((`PostPermission`.`perms` & 256 <> 0) AND (`PostPermission`.`uid` = '3')))
  )
) 
WHERE 1 = 1 

My aros_acos does not contain foreign_id or anything like it (id, aro_id, aco_id, _create, _read, _update, _delete). The closest is that both acos and aros contains foreign_key fields, though they're all null in acos (uses aliases).

Is Permissionable based upon some other implementation of ACL than what's in the release version of 1.3.x?

I had an issue getting data saved using Permissionable. Using a sandbox of the manual's ACL-controlled application on a 1.3.2 core, and after changing some names used by Permissionable (http://github.com/jmcneese/permissionable/issues/#issue/7), the add operation failed with the error:

Undefined property: Post::$PostPermission [APP\plugins\permissionable\models\behaviors\permissionable.php, line 205]

I think that means the Permissionable model/behavior isn't correctly associated to the calling model in the afterSave method. I tested this idea by adding $this->bind($Model); before the several potential calls to _ $Model->{$alias}->*. (I put mine on line 202.) Data then saved correctly.