By the way, I left out the code for checking the ACL's, rendering views, etc., so please assume that ACL checking and all that other stuff is implied :P
On May 11, 9:26 am, Sliv <[EMAIL PROTECTED]> wrote: > This is my thought on how to use ACL when needing permissions for > existing controller actions to be based on specific data elements: > > -Add more controller actions (i.e. index2, index3, etc.) > -set ACL's on those > -call the "main" controller action (index), passing it an argument > -check for the argument in the "main" controller action and get > specific data from the model > > Explanation: > > ARO, Controller->Action, Perms: > > Group1, Node->Index, All->Allow > Group1, Node->Index2, All->Allow > Group1, Node->Index3, All->Allow > > Group2, Node->Index, Add->Deny, Edit->Deny, View->Allow, Index->Allow > Group2, Node->Index2, Add->Allow, Edit->Allow, View->Allow, Index->Allow > > Group2, Node->Index3, Add->Deny, Edit->Deny, View->Allow, Index->Allow > > Group3, Node->Index, Add->Deny, Edit->Deny, View->Allow, Index->Allow > Group3, Node->Index2, Add->Deny, Edit->Deny, View->Allow, Index->Allow > Group3, Node->Index3, Add->Allow, Edit->Allow, View->Allow, Index- > > >Allow > > Node Controller: > > function index($i = null) { > if(!empty($i)){ > // index code > } else { > switch($i) { > case 2: > // ask model for data with conditions to > return only records related to "Area 2" > break; > case 3: > // ask model for data with conditions to > return only records related to "Area 3" > break; > } > } > > } > > function index2() { > $this->index(2); > > } > > function index3() { > $this->index(3); > > } > > --------------- > > Of course this means hard-coding conditions for the queries...but I > don't see another way without modifying the database itself and > attempting to set up some database-level permissions, or some other > type of approach.... > > I just wondered if anyone was working with the same type of > requirements in one of their projects that might have a better > approach, or some words of advice regarding the approach I've outlined > here... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---