You should use users and roles (user belongs to role) to manage this. and try to stay away from ACL if possible (which in this case sounds like the case) on top of different controllers/plugins to separate the access for each role, you can than easily switch access based on such a role - and also pull in related tables that extend the specific role
See www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ on how to make a simple role based access. Am Donnerstag, 9. Januar 2014 18:38:35 UTC+1 schrieb Rafael Queiroz: > > Well, it's correct, but not unique solution for you problem. You can > create "Plugins" for Auth specified: > > 1. Plugin/Admin > 2. Plugin/Buyer > 3. Plugin/Supplier > 4. Plugin/Technician > > For each plugin exists one Controller, example AdminAppController, use > Auth and configure useModel and sessionKey for you model Admin and so. In > my opinion this is the best solution when each section is totally different. > > On Thu, Jan 9, 2014 at 1:59 PM, WhyNotSmile <sharong...@gmail.com<javascript:> > > wrote: > >> I'm building a system which has 4 types of user: Admin, Buyer, Supplier >> and Technician. They each have access to different areas of the site, and >> have different restrictions placed on what they can see. From what I've >> read in the book, the Acl component seems to be the best way to manage >> this, but having read all the sections on it several times, I'm still a bit >> confused, so before I launch into it, I'd like to make sure I'm heading in >> the right direction! >> >> Mainly, I'm not sure how to structure the database. From the CakePHP >> book, it seems like I should have 4 models, one for each user type - is >> that correct? Do I then need a User record for each person, which links to >> their corresponding record in the appropriate model? Otherwise, how does >> Authentication work - it needs you to be working with a 'User', right? >> >> So I'm thinking I need to build the following structure: >> >> Users - with username and password for everyone who can log in >> >> Buyers - individual buyer record, including user_id to link back to User >> record >> Suppliers - individual supplier record, including user_id >> Admins - as above >> Technicians - as above >> >> And when a user is added, do I create their User and >> Buyer/Supplier/Admin/Technician record and then add them to the Acl? >> >> It seems quite complex for what I'm doing, as I will have the same access >> levels for all Buyers, the same for all Suppliers etc., but the book seems >> to be saying that each person will then have a User record, a >> Buyer/Supplier etc record, and an Aro record. >> >> Am I doing the right thing here? >> >> Thanks! >> -- >> Like Us on FaceBook https://www.facebook.com/CakePHP >> Find us on Twitter http://twitter.com/CakePHP >> >> --- >> You received this message because you are subscribed to the Google Groups >> "CakePHP" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cake-php+u...@googlegroups.com <javascript:>. >> To post to this group, send email to cake...@googlegroups.com<javascript:> >> . >> Visit this group at http://groups.google.com/group/cake-php. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > > > -- > Atenciosamente, > > Rafael F. Queiroz > -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.
