I'd put the code deeper, in the Order (or even Cart if you've using a
cart metaphor) model in the beforeSave() callback or perhaps as a
validation rule to prevent purchases for those link directly to the
product.
On Wed, Jul 8, 2009 at 6:32 PM, Jon Bennett<jmbenn...@gmail.com> wrote:
>
>> I have question on the best way of applying rules to types of actions
>> on certain models with ownership properties. The application I'm
>> building is a type of market place application where users are selling
>> many items and others can bid on them and buy them.
>>
>> I understand that ACL is best for giving permission for request
>> objects to access control objects.
>>
>> Where and how is the best way to implement the rule such that I can
>> buy anyone's stuff but my own? Does ACL have support for complex
>> rules on access?
>>
>> The models look like this:
>> User hasMany Item
>> Item belongsTo User
>
> Why not exclude the active (signed in) users id when retrieving items?
>
> $items = $this->Item->find('all', array(
> 'conditions'=>array('Item.user_id !'=>$this->Auth->user('id'))
> ));
>
> hth
>
> Jon
>
> --
>
> jon bennett
> w: http://www.jben.net/
> iChat (AIM): jbendotnet Skype: jon-bennett
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
