Re: Question about use ACL with paginate
Yes, you are right, forget the "create" field. My mistake. You should have only 3 fields regarding to permissions: Read, Update, Delete, so you can still implement my idea On 11 February 2010 06:00, anl hp wrote: > Something I don't see clear from this approach is, how can I have > permissions on 'create' for a document that's not been yet created?, When I > see this method I can only see 'documents' as a 'resource' an 'interface' or > in the current context, as a 'controller', setting permits on documents > treated as 'files' or 'rows' in a db, I can only think of a system file > permissions (read, write or edit and delete in this example, execute) > But I am not versed in sql either ;) > > anl > > > On Thu, Feb 11, 2010 at 2:08 AM, guille1983 wrote: > >> Oh... I see the data got lost >> The tables look like this: >> >> id: 1 >> document_id: 9 >> user_id: null >> group_id: 1 >> create: 0 >> read: 1 >> update: 0 >> delele: 0 >> >> On 10 feb, 21:04, Guillermo Mansilla wrote: >> > I think about this: >> > Have a table (with its model) named documents_permissions with the >> following >> > fields >> > id, document_id, user_id, group_id, read, create, update, delete >> > this model belongs To: User, Group, Document >> > Since a user may be part of many groups and some times you may have >> cases >> > like this: >> > user gmansilla (user_id 7) belongs to groups: teachers (group_id 4) and >> > administrators (group_id 1), and document "taxes" (document_id 9) may >> be >> > read only by administrators. You will have to feed the table with this >> data: >> > >> > id|document_id | user_id | group_id | >> > create | read | update |delete | >> > 19null >> > 101 0 0 >> > >> > In case this document may be read by teachers and administrator but may >> not >> > be read my gmansilla you will feed the table with this data >> > >> > id|document_id | user_id | group_id | >> > create | read | update |delete | >> > 19null >> > 101 0 0 >> > 29null 4 >> >01 0 0 >> > 397null >> > 00 0 0 >> > >> > Basically you fill the table with the permits and the explicit denies, >> > then >> > >> > Then in your Controller place a function that checks if a user has >> permision >> > or not, something like >> > >> > function __hasPermission($document_id, $user_id, $group_id, $action){ >> > switch ($action) { >> >case 'read': >> > return ($this->theNewModel->find('count', >> > array('contionds' => array('read' => 1, 'group_id' => $group_id, >> > 'document_id' => $document_id))) > 0 >> >&& >> $this->theNewModel->find('count', >> > array('contionds' => array('read ' => 0, 'user_id' => $user_id, >> > 'document_id' => $document_id))) == 0 >> >) >> > //I am counting results in find >> > queries where my group has permission (1) and I am not denied (0) >> > >> > ); >> > brake; >> > case and so on >> > } >> > >> > } >> > >> > Then you can call you function passing the required parameters, example: >> > Lets say I am user_id = 3 and I belong to groups = 5 and 7, and I want >> to >> > read document_id = 9 >> > Now I want to check if the User has permission: $this->__hasPermision(9, >> 3, >> > array('5', '7'), 'read') >> > >> > All of this Is to only check permissions... >> > >> > To display What documents Can I read I would use the containable >> behavior or >> > just bindModel setting the conditions You need. >> > >> > I hope it helps you >> > >> > On 10 February 2010 16:54, marco.rizze...@gmail.com < >> > >> > marco.rizze...@gmail.com> wrote: >> > > I try to explain better. >> > > I have users that belongs to groups (a user can belong to many group >> > > and a group can have many users) >> > > Then I have documents. >> > > I must manage permissions on documents. >> > > Permissions are : read a document, edit a document etc... >> > > Permission can be defined in raltion to groups or to users >> > >> > > So there are documents can be accessed by all user in a group and >> > > there are other documents can be accessed by only some users. >> > >> > > I ask what is the best pattern to manage this situation >> > >> > > To manage this is better have a HABTM relation between User and >> > > Document with a "permission" field ( more simple but I have to use >> > > more an
Re: Question about use ACL with paginate
Something I don't see clear from this approach is, how can I have permissions on 'create' for a document that's not been yet created?, When I see this method I can only see 'documents' as a 'resource' an 'interface' or in the current context, as a 'controller', setting permits on documents treated as 'files' or 'rows' in a db, I can only think of a system file permissions (read, write or edit and delete in this example, execute) But I am not versed in sql either ;) anl On Thu, Feb 11, 2010 at 2:08 AM, guille1983 wrote: > Oh... I see the data got lost > The tables look like this: > > id: 1 > document_id: 9 > user_id: null > group_id: 1 > create: 0 > read: 1 > update: 0 > delele: 0 > > On 10 feb, 21:04, Guillermo Mansilla wrote: > > I think about this: > > Have a table (with its model) named documents_permissions with the > following > > fields > > id, document_id, user_id, group_id, read, create, update, delete > > this model belongs To: User, Group, Document > > Since a user may be part of many groups and some times you may have cases > > like this: > > user gmansilla (user_id 7) belongs to groups: teachers (group_id 4) and > > administrators (group_id 1), and document "taxes" (document_id 9) may be > > read only by administrators. You will have to feed the table with this > data: > > > > id|document_id | user_id | group_id | > > create | read | update |delete | > > 19null > > 101 0 0 > > > > In case this document may be read by teachers and administrator but may > not > > be read my gmansilla you will feed the table with this data > > > > id|document_id | user_id | group_id | > > create | read | update |delete | > > 19null > > 101 0 0 > > 29null 4 > >01 0 0 > > 397null > > 00 0 0 > > > > Basically you fill the table with the permits and the explicit denies, > > then > > > > Then in your Controller place a function that checks if a user has > permision > > or not, something like > > > > function __hasPermission($document_id, $user_id, $group_id, $action){ > > switch ($action) { > >case 'read': > > return ($this->theNewModel->find('count', > > array('contionds' => array('read' => 1, 'group_id' => $group_id, > > 'document_id' => $document_id))) > 0 > >&& > $this->theNewModel->find('count', > > array('contionds' => array('read ' => 0, 'user_id' => $user_id, > > 'document_id' => $document_id))) == 0 > >) > > //I am counting results in find > > queries where my group has permission (1) and I am not denied (0) > > > > ); > > brake; > > case and so on > > } > > > > } > > > > Then you can call you function passing the required parameters, example: > > Lets say I am user_id = 3 and I belong to groups = 5 and 7, and I want > to > > read document_id = 9 > > Now I want to check if the User has permission: $this->__hasPermision(9, > 3, > > array('5', '7'), 'read') > > > > All of this Is to only check permissions... > > > > To display What documents Can I read I would use the containable behavior > or > > just bindModel setting the conditions You need. > > > > I hope it helps you > > > > On 10 February 2010 16:54, marco.rizze...@gmail.com < > > > > marco.rizze...@gmail.com> wrote: > > > I try to explain better. > > > I have users that belongs to groups (a user can belong to many group > > > and a group can have many users) > > > Then I have documents. > > > I must manage permissions on documents. > > > Permissions are : read a document, edit a document etc... > > > Permission can be defined in raltion to groups or to users > > > > > So there are documents can be accessed by all user in a group and > > > there are other documents can be accessed by only some users. > > > > > I ask what is the best pattern to manage this situation > > > > > To manage this is better have a HABTM relation between User and > > > Document with a "permission" field ( more simple but I have to use > > > more and more space). > > > In this way when I set that a document can be access by a group I must > > > insert in HABTM relation all the users of the group. > > > > > or I use ACL (very very complex to use in this situation(I have to > > > manage also that a user can belong to many groups) > > > > > or I ask if exist another method? > > > > > I hope that
Re: Question about use ACL with paginate
Oh... I see the data got lost The tables look like this: id: 1 document_id: 9 user_id: null group_id: 1 create: 0 read: 1 update: 0 delele: 0 On 10 feb, 21:04, Guillermo Mansilla wrote: > I think about this: > Have a table (with its model) named documents_permissions with the following > fields > id, document_id, user_id, group_id, read, create, update, delete > this model belongs To: User, Group, Document > Since a user may be part of many groups and some times you may have cases > like this: > user gmansilla (user_id 7) belongs to groups: teachers (group_id 4) and > administrators (group_id 1), and document "taxes" (document_id 9) may be > read only by administrators. You will have to feed the table with this data: > > id | document_id | user_id | group_id | > create | read | update | delete | > 1 9 null > 1 0 1 0 0 > > In case this document may be read by teachers and administrator but may not > be read my gmansilla you will feed the table with this data > > id | document_id | user_id | group_id | > create | read | update | delete | > 1 9 null > 1 0 1 0 0 > 2 9 null 4 > 0 1 0 0 > 3 9 7 null > 0 0 0 0 > > Basically you fill the table with the permits and the explicit denies, > then > > Then in your Controller place a function that checks if a user has permision > or not, something like > > function __hasPermission($document_id, $user_id, $group_id, $action){ > switch ($action) { > case 'read': > return ($this->theNewModel->find('count', > array('contionds' => array('read' => 1, 'group_id' => $group_id, > 'document_id' => $document_id))) > 0 > && $this->theNewModel->find('count', > array('contionds' => array('read ' => 0, 'user_id' => $user_id, > 'document_id' => $document_id))) == 0 > ) > //I am counting results in find > queries where my group has permission (1) and I am not denied (0) > > ); > brake; > case and so on > } > > } > > Then you can call you function passing the required parameters, example: > Lets say I am user_id = 3 and I belong to groups = 5 and 7, and I want to > read document_id = 9 > Now I want to check if the User has permission: $this->__hasPermision(9, 3, > array('5', '7'), 'read') > > All of this Is to only check permissions... > > To display What documents Can I read I would use the containable behavior or > just bindModel setting the conditions You need. > > I hope it helps you > > On 10 February 2010 16:54, marco.rizze...@gmail.com < > > marco.rizze...@gmail.com> wrote: > > I try to explain better. > > I have users that belongs to groups (a user can belong to many group > > and a group can have many users) > > Then I have documents. > > I must manage permissions on documents. > > Permissions are : read a document, edit a document etc... > > Permission can be defined in raltion to groups or to users > > > So there are documents can be accessed by all user in a group and > > there are other documents can be accessed by only some users. > > > I ask what is the best pattern to manage this situation > > > To manage this is better have a HABTM relation between User and > > Document with a "permission" field ( more simple but I have to use > > more and more space). > > In this way when I set that a document can be access by a group I must > > insert in HABTM relation all the users of the group. > > > or I use ACL (very very complex to use in this situation(I have to > > manage also that a user can belong to many groups) > > > or I ask if exist another method? > > > I hope that now my problem is more understandable. > > On 10 Feb, 17:46, anl hp wrote: > > > Forgive me, but I'm making a mess, now you're saying: "I must find all > > users > > > that belong to the group and insert a record in > > > all two tables(LineDoc and DocPermit) for every user." I believe I don't > > > understand you quite well at first time, but anyway, If you going to do > > > that, may be is better for you to > > > merge the LineDoc Model and DocPermit Model into one model, thus > > eliminating > > > the need > > > of insert pretty same data in two different tables > > > > anl > > > > On Wed, Feb 10, 2010 at 3:23 PM, marco.rizze...@gmail.com < > > > > marco.rizze...@gmail.com> wrote: > > > > Ok many thanks. > > > > Using the solution that you have s
Re: Question about use ACL with paginate
I think about this: Have a table (with its model) named documents_permissions with the following fields id, document_id, user_id, group_id, read, create, update, delete this model belongs To: User, Group, Document Since a user may be part of many groups and some times you may have cases like this: user gmansilla (user_id 7) belongs to groups: teachers (group_id 4) and administrators (group_id 1), and document "taxes" (document_id 9) may be read only by administrators. You will have to feed the table with this data: id|document_id | user_id | group_id | create | read | update |delete | 19null 101 0 0 In case this document may be read by teachers and administrator but may not be read my gmansilla you will feed the table with this data id|document_id | user_id | group_id | create | read | update |delete | 19null 101 0 0 29null 4 01 0 0 397null 00 0 0 Basically you fill the table with the permits and the explicit denies, then Then in your Controller place a function that checks if a user has permision or not, something like function __hasPermission($document_id, $user_id, $group_id, $action){ switch ($action) { case 'read': return ($this->theNewModel->find('count', array('contionds' => array('read' => 1, 'group_id' => $group_id, 'document_id' => $document_id))) > 0 && $this->theNewModel->find('count', array('contionds' => array('read ' => 0, 'user_id' => $user_id, 'document_id' => $document_id))) == 0 ) //I am counting results in find queries where my group has permission (1) and I am not denied (0) ); brake; case and so on } } Then you can call you function passing the required parameters, example: Lets say I am user_id = 3 and I belong to groups = 5 and 7, and I want to read document_id = 9 Now I want to check if the User has permission: $this->__hasPermision(9, 3, array('5', '7'), 'read') All of this Is to only check permissions... To display What documents Can I read I would use the containable behavior or just bindModel setting the conditions You need. I hope it helps you On 10 February 2010 16:54, marco.rizze...@gmail.com < marco.rizze...@gmail.com> wrote: > I try to explain better. > I have users that belongs to groups (a user can belong to many group > and a group can have many users) > Then I have documents. > I must manage permissions on documents. > Permissions are : read a document, edit a document etc... > Permission can be defined in raltion to groups or to users > > So there are documents can be accessed by all user in a group and > there are other documents can be accessed by only some users. > > I ask what is the best pattern to manage this situation > > To manage this is better have a HABTM relation between User and > Document with a "permission" field ( more simple but I have to use > more and more space). > In this way when I set that a document can be access by a group I must > insert in HABTM relation all the users of the group. > > or I use ACL (very very complex to use in this situation(I have to > manage also that a user can belong to many groups) > > or I ask if exist another method? > > I hope that now my problem is more understandable. > On 10 Feb, 17:46, anl hp wrote: > > Forgive me, but I'm making a mess, now you're saying: "I must find all > users > > that belong to the group and insert a record in > > all two tables(LineDoc and DocPermit) for every user." I believe I don't > > understand you quite well at first time, but anyway, If you going to do > > that, may be is better for you to > > merge the LineDoc Model and DocPermit Model into one model, thus > eliminating > > the need > > of insert pretty same data in two different tables > > > > anl > > > > On Wed, Feb 10, 2010 at 3:23 PM, marco.rizze...@gmail.com < > > > > marco.rizze...@gmail.com> wrote: > > > Ok many thanks. > > > Using the solution that you have suggested I don't need to use ACL. > > > In this case for manage permissions expressed by group on a document > > > (like "Group A can read Document 1") > > > I must find all users that belong to the group and insert a record in > > > all two tables(LineDoc and DocPermit) for every user. > > > Is it correct? > > > > > On 10 Feb, 14:20, anler wrote: > > > > I think the BEST w
Re: Question about use ACL with paginate
I try to explain better. I have users that belongs to groups (a user can belong to many group and a group can have many users) Then I have documents. I must manage permissions on documents. Permissions are : read a document, edit a document etc... Permission can be defined in raltion to groups or to users So there are documents can be accessed by all user in a group and there are other documents can be accessed by only some users. I ask what is the best pattern to manage this situation To manage this is better have a HABTM relation between User and Document with a "permission" field ( more simple but I have to use more and more space). In this way when I set that a document can be access by a group I must insert in HABTM relation all the users of the group. or I use ACL (very very complex to use in this situation(I have to manage also that a user can belong to many groups) or I ask if exist another method? I hope that now my problem is more understandable. On 10 Feb, 17:46, anl hp wrote: > Forgive me, but I'm making a mess, now you're saying: "I must find all users > that belong to the group and insert a record in > all two tables(LineDoc and DocPermit) for every user." I believe I don't > understand you quite well at first time, but anyway, If you going to do > that, may be is better for you to > merge the LineDoc Model and DocPermit Model into one model, thus eliminating > the need > of insert pretty same data in two different tables > > anl > > On Wed, Feb 10, 2010 at 3:23 PM, marco.rizze...@gmail.com < > > marco.rizze...@gmail.com> wrote: > > Ok many thanks. > > Using the solution that you have suggested I don't need to use ACL. > > In this case for manage permissions expressed by group on a document > > (like "Group A can read Document 1") > > I must find all users that belong to the group and insert a record in > > all two tables(LineDoc and DocPermit) for every user. > > Is it correct? > > > On 10 Feb, 14:20, anler wrote: > > > I think the BEST way is using ACL, and yes, it's complex, but give you > > > reliability for free, even more > > > if you are mixin groups in the coctel (group permits are inherited by > > > users of that group, and things like that), > > > with ACL you could handle better reading and writing documents > > > through AuthComponent::authorize = 'crud' > > > (If you have time and patience I encourage you to do it this way, I > > > will help in anything you need ;) ) > > > > if you just want get something fast and cheap, well, I'll tell you > > > what I'm thinking > > > > - Keep the model Document as flat as possible, ex in db: > > > table documents( > > > name .., created ..., modified ... > > > ) > > > > - Instead of relating Users and Documents through a HABTM relation, in > > > HABTM the join table acts only as a connection between de models, but > > > if you feel the need of add more > > > information to this table, you should give her its own model because > > > it is participating in the application bussiness, ex: > > > table line_docs( > > > user_id, document_id, date_when_read, etc > > > ) > > > > model LineDocs (or whatever name you want give him) > > > hasMany => Users > > > hasMany => Documents > > > > - Let another table manage the user permits on documents > > > table doc_permits( > > > user__id, document_id, create?, read?, write?, delete?, > > > etc > > > ) > > > and check this table when somebody wants to touch or create some > > > document > > > > On Feb 10, 1:41 pm, "marco.rizze...@gmail.com" > > > > wrote: > > > > Can you explain better what is your solution. > > > > I explain better my situation: > > > > > Model : > > > > Group: (HABTM User) > > > > User:(HABTM:Group) > > > > Document > > > > > I have to manage permissions to access to documents. > > > > Some users can modify some documents , some users can only read some > > > > documents(I must also register when a user reads a documents ), some > > > > users can't read some documents. > > > > > To manage this is better have a HABTM relation between User and > > > > Document with a "permission" field (and with a "date_when_read" > > > > field) ( more simple but I have to use more and more space). > > > > > or use ACL (very very complex to use in this situation(I have to > > > > manage also that a user can belong to many groups) and but it uses > > > > less space) > > > > > or exist another method to use (a best pattern)? > > > > > Write all your experience about this because I think that is one of > > > > the big problem when project a web application > > > > Many Thanks > > > > On 10 Feb, 12:53, anler wrote: > > > > > > Are you aking how find the allowed docs or how to paginate this > > result > > > > > (or both)? > > > > > > I did something similar once but with a different approach, since I > > > > > was working with > > > > > 'resources' in
Re: Question about use ACL with paginate
Forgive me, but I'm making a mess, now you're saying: "I must find all users that belong to the group and insert a record in all two tables(LineDoc and DocPermit) for every user." I believe I don't understand you quite well at first time, but anyway, If you going to do that, may be is better for you to merge the LineDoc Model and DocPermit Model into one model, thus eliminating the need of insert pretty same data in two different tables anl On Wed, Feb 10, 2010 at 3:23 PM, marco.rizze...@gmail.com < marco.rizze...@gmail.com> wrote: > Ok many thanks. > Using the solution that you have suggested I don't need to use ACL. > In this case for manage permissions expressed by group on a document > (like "Group A can read Document 1") > I must find all users that belong to the group and insert a record in > all two tables(LineDoc and DocPermit) for every user. > Is it correct? > > On 10 Feb, 14:20, anler wrote: > > I think the BEST way is using ACL, and yes, it's complex, but give you > > reliability for free, even more > > if you are mixin groups in the coctel (group permits are inherited by > > users of that group, and things like that), > > with ACL you could handle better reading and writing documents > > through AuthComponent::authorize = 'crud' > > (If you have time and patience I encourage you to do it this way, I > > will help in anything you need ;) ) > > > > if you just want get something fast and cheap, well, I'll tell you > > what I'm thinking > > > > - Keep the model Document as flat as possible, ex in db: > >table documents( > > name .., created ..., modified ... > > ) > > > > - Instead of relating Users and Documents through a HABTM relation, in > > HABTM the join table acts only as a connection between de models, but > > if you feel the need of add more > > information to this table, you should give her its own model because > > it is participating in the application bussiness, ex: > > table line_docs( > >user_id, document_id, date_when_read, etc > > ) > > > > model LineDocs (or whatever name you want give him) > >hasMany => Users > >hasMany => Documents > > > > - Let another table manage the user permits on documents > > table doc_permits( > >user__id, document_id, create?, read?, write?, delete?, > > etc > > ) > > and check this table when somebody wants to touch or create some > > document > > > > On Feb 10, 1:41 pm, "marco.rizze...@gmail.com" > > > > wrote: > > > Can you explain better what is your solution. > > > I explain better my situation: > > > > > Model : > > > Group: (HABTM User) > > > User:(HABTM:Group) > > > Document > > > > > I have to manage permissions to access to documents. > > > Some users can modify some documents , some users can only read some > > > documents(I must also register when a user reads a documents ), some > > > users can't read some documents. > > > > > To manage this is better have a HABTM relation between User and > > > Document with a "permission" field (and with a "date_when_read" > > > field) ( more simple but I have to use more and more space). > > > > > or use ACL (very very complex to use in this situation(I have to > > > manage also that a user can belong to many groups) and but it uses > > > less space) > > > > > or exist another method to use (a best pattern)? > > > > > Write all your experience about this because I think that is one of > > > the big problem when project a web application > > > Many Thanks > > > On 10 Feb, 12:53, anler wrote: > > > > > > Are you aking how find the allowed docs or how to paginate this > result > > > > (or both)? > > > > > > I did something similar once but with a different approach, since I > > > > was working with > > > > 'resources' instead of documents, I listed the resources and the > > > > option 'access info' > > > > to show the permits for that resource (this way used less db queries) > > > > > > On Feb 10, 12:41 pm, "marco.rizze...@gmail.com" > > > > > > wrote: > > > > > Hi > > > > > I have this question: > > > > > I use ACL for manage the access to documents by users. > > > > > Now I must display a list of all documents that are accessible by > the > > > > > logged user. > > > > > This list must be paginated. > > > > > I have no idea about how to do this and I think to abandon the ACL > and > > > > > manage the permits with a big table with all relations (HABTM) > between > > > > > users and documents. > > > > > I would ask if someone has any idea about this. > > > > > Many Thanks > > > > > > Check out the new CakePHP Questions site http://cakeqs.org and help others > with their CakePHP related questions. > > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To post to this group, send email to cake-php@googlegroups.com > To unsubscribe from this group, send email to > cake-php+unsubscr...@googlegroups.c
Re: Question about use ACL with paginate
Ok many thanks. Using the solution that you have suggested I don't need to use ACL. In this case for manage permissions expressed by group on a document (like "Group A can read Document 1") I must find all users that belong to the group and insert a record in all two tables(LineDoc and DocPermit) for every user. Is it correct? On 10 Feb, 14:20, anler wrote: > I think the BEST way is using ACL, and yes, it's complex, but give you > reliability for free, even more > if you are mixin groups in the coctel (group permits are inherited by > users of that group, and things like that), > with ACL you could handle better reading and writing documents > through AuthComponent::authorize = 'crud' > (If you have time and patience I encourage you to do it this way, I > will help in anything you need ;) ) > > if you just want get something fast and cheap, well, I'll tell you > what I'm thinking > > - Keep the model Document as flat as possible, ex in db: > table documents( > name .., created ..., modified ... > ) > > - Instead of relating Users and Documents through a HABTM relation, in > HABTM the join table acts only as a connection between de models, but > if you feel the need of add more > information to this table, you should give her its own model because > it is participating in the application bussiness, ex: > table line_docs( > user_id, document_id, date_when_read, etc > ) > > model LineDocs (or whatever name you want give him) > hasMany => Users > hasMany => Documents > > - Let another table manage the user permits on documents > table doc_permits( > user__id, document_id, create?, read?, write?, delete?, > etc > ) > and check this table when somebody wants to touch or create some > document > > On Feb 10, 1:41 pm, "marco.rizze...@gmail.com" > > wrote: > > Can you explain better what is your solution. > > I explain better my situation: > > > Model : > > Group: (HABTM User) > > User:(HABTM:Group) > > Document > > > I have to manage permissions to access to documents. > > Some users can modify some documents , some users can only read some > > documents(I must also register when a user reads a documents ), some > > users can't read some documents. > > > To manage this is better have a HABTM relation between User and > > Document with a "permission" field (and with a "date_when_read" > > field) ( more simple but I have to use more and more space). > > > or use ACL (very very complex to use in this situation(I have to > > manage also that a user can belong to many groups) and but it uses > > less space) > > > or exist another method to use (a best pattern)? > > > Write all your experience about this because I think that is one of > > the big problem when project a web application > > Many Thanks > > On 10 Feb, 12:53, anler wrote: > > > > Are you aking how find the allowed docs or how to paginate this result > > > (or both)? > > > > I did something similar once but with a different approach, since I > > > was working with > > > 'resources' instead of documents, I listed the resources and the > > > option 'access info' > > > to show the permits for that resource (this way used less db queries) > > > > On Feb 10, 12:41 pm, "marco.rizze...@gmail.com" > > > > wrote: > > > > Hi > > > > I have this question: > > > > I use ACL for manage the access to documents by users. > > > > Now I must display a list of all documents that are accessible by the > > > > logged user. > > > > This list must be paginated. > > > > I have no idea about how to do this and I think to abandon the ACL and > > > > manage the permits with a big table with all relations (HABTM) between > > > > users and documents. > > > > I would ask if someone has any idea about this. > > > > Many Thanks > > Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Question about use ACL with paginate
I think the BEST way is using ACL, and yes, it's complex, but give you reliability for free, even more if you are mixin groups in the coctel (group permits are inherited by users of that group, and things like that), with ACL you could handle better reading and writing documents through AuthComponent::authorize = 'crud' (If you have time and patience I encourage you to do it this way, I will help in anything you need ;) ) if you just want get something fast and cheap, well, I'll tell you what I'm thinking - Keep the model Document as flat as possible, ex in db: table documents( name .., created ..., modified ... ) - Instead of relating Users and Documents through a HABTM relation, in HABTM the join table acts only as a connection between de models, but if you feel the need of add more information to this table, you should give her its own model because it is participating in the application bussiness, ex: table line_docs( user_id, document_id, date_when_read, etc ) model LineDocs (or whatever name you want give him) hasMany => Users hasMany => Documents - Let another table manage the user permits on documents table doc_permits( user__id, document_id, create?, read?, write?, delete?, etc ) and check this table when somebody wants to touch or create some document On Feb 10, 1:41 pm, "marco.rizze...@gmail.com" wrote: > Can you explain better what is your solution. > I explain better my situation: > > Model : > Group: (HABTM User) > User:(HABTM:Group) > Document > > I have to manage permissions to access to documents. > Some users can modify some documents , some users can only read some > documents(I must also register when a user reads a documents ), some > users can't read some documents. > > To manage this is better have a HABTM relation between User and > Document with a "permission" field (and with a "date_when_read" > field) ( more simple but I have to use more and more space). > > or use ACL (very very complex to use in this situation(I have to > manage also that a user can belong to many groups) and but it uses > less space) > > or exist another method to use (a best pattern)? > > Write all your experience about this because I think that is one of > the big problem when project a web application > Many Thanks > On 10 Feb, 12:53, anler wrote: > > > Are you aking how find the allowed docs or how to paginate this result > > (or both)? > > > I did something similar once but with a different approach, since I > > was working with > > 'resources' instead of documents, I listed the resources and the > > option 'access info' > > to show the permits for that resource (this way used less db queries) > > > On Feb 10, 12:41 pm, "marco.rizze...@gmail.com" > > > wrote: > > > Hi > > > I have this question: > > > I use ACL for manage the access to documents by users. > > > Now I must display a list of all documents that are accessible by the > > > logged user. > > > This list must be paginated. > > > I have no idea about how to do this and I think to abandon the ACL and > > > manage the permits with a big table with all relations (HABTM) between > > > users and documents. > > > I would ask if someone has any idea about this. > > > Many Thanks Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Question about use ACL with paginate
Can you explain better what is your solution. I explain better my situation: Model : Group: (HABTM User) User:(HABTM:Group) Document I have to manage permissions to access to documents. Some users can modify some documents , some users can only read some documents(I must also register when a user reads a documents ), some users can't read some documents. To manage this is better have a HABTM relation between User and Document with a "permission" field (and with a "date_when_read" field) ( more simple but I have to use more and more space). or use ACL (very very complex to use in this situation(I have to manage also that a user can belong to many groups) and but it uses less space) or exist another method to use (a best pattern)? Write all your experience about this because I think that is one of the big problem when project a web application Many Thanks On 10 Feb, 12:53, anler wrote: > Are you aking how find the allowed docs or how to paginate this result > (or both)? > > I did something similar once but with a different approach, since I > was working with > 'resources' instead of documents, I listed the resources and the > option 'access info' > to show the permits for that resource (this way used less db queries) > > On Feb 10, 12:41 pm, "marco.rizze...@gmail.com" > > wrote: > > Hi > > I have this question: > > I use ACL for manage the access to documents by users. > > Now I must display a list of all documents that are accessible by the > > logged user. > > This list must be paginated. > > I have no idea about how to do this and I think to abandon the ACL and > > manage the permits with a big table with all relations (HABTM) between > > users and documents. > > I would ask if someone has any idea about this. > > Many Thanks > > Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Question about use ACL with paginate
Are you aking how find the allowed docs or how to paginate this result (or both)? I did something similar once but with a different approach, since I was working with 'resources' instead of documents, I listed the resources and the option 'access info' to show the permits for that resource (this way used less db queries) On Feb 10, 12:41 pm, "marco.rizze...@gmail.com" wrote: > Hi > I have this question: > I use ACL for manage the access to documents by users. > Now I must display a list of all documents that are accessible by the > logged user. > This list must be paginated. > I have no idea about how to do this and I think to abandon the ACL and > manage the permits with a big table with all relations (HABTM) between > users and documents. > I would ask if someone has any idea about this. > Many Thanks Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Question about use ACL with paginate
Hi I have this question: I use ACL for manage the access to documents by users. Now I must display a list of all documents that are accessible by the logged user. This list must be paginated. I have no idea about how to do this and I think to abandon the ACL and manage the permits with a big table with all relations (HABTM) between users and documents. I would ask if someone has any idea about this. Many Thanks Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en