the only alternative path i can see is to make hundreds of controllers, each with his own specific model. this will lead to hundreds of controllers.
Right now i'm acting this way: - i use the standard Cake ACL to prevent unwanted page views. - i added an "Authorization" model, with HABTM relationship to User model (and vice-versa) - i added a Vendor class named "CheckAuthorizations", loaded in both AppController and AppModel's constructors. This class checks if there's any coincidence between the current logged user and the requested authorization code (authorization_id), by fetching data from Authorizations_Users (the HABTM join model). - Authorization request are done this way: $this->CheckAuthorization->check([AUTHCODE]) or $this->CheckAuthorization->require([AUTHCODE]) Any advice? On 27 Gen, 13:57, Zaky Katalan-Ezra <procsh...@gmail.com> wrote: > In that case my honest advice to you is to revise your design. > > "If it's not simple it's should simply not" (In Hebrew it sounds better) -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php