I'm just wondering if Cake's system of doing ACL is the smartest way to implement control logic in a way that will be easy to maintain as the system progresses. It seems that when access control is implemented at the record level, we wind up with a lot of extra work to do (and the potential for more bugs) as the system progresses.
Case in point: Today, maybe there is only one action for FoosController: read. So when I insert a new Foo into my database (using SQL to load it right into the database), I want to make sure I identify the AROs which have access to read the Foo. But then some day in the future, the programmer needs to also be able to delete Foos through the application. He can code the delete action and in there check if the currently acting ARO can perform deletes, and whenever he inserts a new Foo, he makes sure that he grants the appropriate AROs permission to read and delete the Foo. But what about the Foo I inserted before 'delete' was a possibility? I guess those Foos would not be able to be deleted by the system. Am I right in thinking that the most appropriate way to handle this would be to write an upgrade script which would bring the ACL tables up to date with all the possible ACOs and AROs? This issue is easy enough to fix if there are just a few AROs and actions the ARO's are seeking to perform, but it seems like it would become more an more difficult as the system scales up to include more functionality and AROs. So what's the alternative to Cake's ACL? I'm not saying this is the best practice, but the way I've always done it involves coding logic into the controllers to filter out what doesn't need to be seen, and prevent what shouldn't happen based on the authentication info I have access to. For example, let's say I'm using AuthComponent. Auth integrates tightly with my User table, so I can easily determine what user id is logged in from my controllers. I can use that to interrogate my membership table and find out what departments my user is in. Based on that, I can filter what they see and play gatekeeper for what they do. I understand that Cake's ACL is trying to get away from that kind of coding and standardize how ACL is done in applications. I just don't understand why. Any feedback would be great. Thanks for reading this. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
