By the way, I left out the code for checking the ACL's, rendering
views, etc., so please assume that ACL checking and all that other
stuff is implied :P
On May 11, 9:26 am, Sliv <[EMAIL PROTECTED]> wrote:
> This is my thought on how to use ACL when needing permissions for
> existing controller actions to be based on specific data elements:
>
> -Add more controller actions (i.e. index2, index3, etc.)
> -set ACL's on those
> -call the "main" controller action (index), passing it an argument
> -check for the argument in the "main" controller action and get
> specific data from the model
>
> Explanation:
>
> ARO, Controller->Action, Perms:
>
> Group1, Node->Index, All->Allow
> Group1, Node->Index2, All->Allow
> Group1, Node->Index3, All->Allow
>
> Group2, Node->Index, Add->Deny, Edit->Deny, View->Allow, Index->Allow
> Group2, Node->Index2, Add->Allow, Edit->Allow, View->Allow, Index->Allow
>
> Group2, Node->Index3, Add->Deny, Edit->Deny, View->Allow, Index->Allow
>
> Group3, Node->Index, Add->Deny, Edit->Deny, View->Allow, Index->Allow
> Group3, Node->Index2, Add->Deny, Edit->Deny, View->Allow, Index->Allow
> Group3, Node->Index3, Add->Allow, Edit->Allow, View->Allow, Index-
>
> >Allow
>
> Node Controller:
>
> function index($i = null) {
> if(!empty($i)){
> // index code
> } else {
> switch($i) {
> case 2:
> // ask model for data with conditions to
> return only records related to "Area 2"
> break;
> case 3:
> // ask model for data with conditions to
> return only records related to "Area 3"
> break;
> }
> }
>
> }
>
> function index2() {
> $this->index(2);
>
> }
>
> function index3() {
> $this->index(3);
>
> }
>
> ---------------
>
> Of course this means hard-coding conditions for the queries...but I
> don't see another way without modifying the database itself and
> attempting to set up some database-level permissions, or some other
> type of approach....
>
> I just wondered if anyone was working with the same type of
> requirements in one of their projects that might have a better
> approach, or some words of advice regarding the approach I've outlined
> here...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
