I'm trying to get my head around ACL and figure out if it will be able to filter the available data down to what the user is authorized to see, or if it's just going to lock them out.
Example: a regular user visits /departments/index/ (the controller wants to do a Department->paginate()) but this user doesn't have the right to see all departments - they only should be seeing departments they are affiliated with. If I use ACL to give the user read permission over Dept. A and Dept. B, will the page display and filter the records down to A and B, or is it going to complain that they should not be trying to read ALL departments? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
