Hi Rob. Thanks for your answer, the behavior is very interesting. I think I did not express myself well, I dont want just to set that a user has only access to the posts he created.
I want also to configure for example: We have hotels around a country from the same organization, so in each city there's a manager, and I want a manager to manage just the hotels in his city. but this hotels can be created by another user(admin), is it possible? I did it with isAuthorized() method, but it requires a lot of "code (ugly code)° :p Paulo On Monday, December 24, 2012 3:08:31 PM UTC+2, Rob M wrote: > > Hi Paulo: You are describing row-level access control, and I am doing that > with CakePHP 2.0 using a modified version of Daniel Vecchiato's WhoDidIt > Model Behavior ( > https://github.com/danfreak/4cakephp/tree/master/models/behaviors). Then > I check in the controller to see if the id in the table for the person who > created the record matches the id of the person who is trying to modify it. > - Rob > > On Sunday, December 23, 2012 4:01:28 PM UTC-5, Paulo Braga wrote: >> >> Hi people. >> >> I am using cakephp 2.x, and I am trying to build a system with group >> permissions, ok, I used Acl and Auth component without problem. >> >> Now I want to configure access to specific data. for example: >> >> we have a blog app, and we have users, posts, etc. >> an admin can do anything(no problems); >> a post is posted by a user. (some problems here); >> >> With acl I configured that admin group can do anything. and that user >> group can just do anything in posts(add, list, edit, delete). everything is >> working. >> >> But I dont want a user to edit,delete,list posts that were not created by >> him. >> >> I used to do it with the method isAuthorized(), but imagining a big app, >> I think it will be too hard to codify it. >> >> is there a "clean" way to do it??? >> >> -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
