RE: Users with ACL problem
Try to give you a better idea of my current set up in the DB TABLES
USER TABLE:
Id
Name
Password
Group
Email
Confirmation
Confirmed
TEACHER TABLE:
ID
User_id
Group_id =>3 (All teacher belong to group 3)
general profile fields
STUDENT TABLE:
ID
User_id
Group_id =>4 (All students belong to group 4)
general profile fields
So if a new user signs up as a TEACHER and it happens to be the 38th USER
then USER ID = 38, and in the TEACHER TABLE ID would be auto increment so he
would be the next available number so say 17th for the example because 16
other TEACHERS signed up before him and his TEACHER USER_ID is the USER ID =
38 (create both the USER and TEACHER at the same time).
Now as it stands I have no problem using ACL, AUTH all logging in perfect
and allowed actions and all that good stuff as it is supposed to. But when
it comes to the view edit delete actions I want to allow only the owner to
delete / edit as you would. But everything as it set up now is using USER ID
in AUTH. I just was wondering if there was an easier way of getting the
TEACHER or STUDENT USER_ID and comparing it to the AUTH USER ID because this
is going to have to be done with almost every controller in the site.
Sounds like a mess But I certainly thank you all for your feedback and
ideas and suggestions.
Dave
-Original Message-
From: Dave Maharaj :: WidePixels.com [mailto:d...@widepixels.com]
Sent: March-16-09 1:26 PM
To: cake-php@googlegroups.com
Subject: RE: Users with ACL problem
So I know this may be a stupid question as it is all new to me. In my setup
I have:
So in english to my understanding is that this links the USER to a GROUP,
and based on user permissions says what the USER can , can not do? But not
sure how to accomplish what you suggest in linking the TEACHER and STUDENT
based on user_id
USER MODEL:
var $actsAs = array('Acl' => array('requester'));
function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
$data = $this->data;
if (empty($this->data)) {
$data = $this->read();
}
if (!$data['User']['group_id']) {
return null;
} else {
return array('Group' => array('id' =>
$data['User']['group_id']));
}
}
GROUP MODEL:
var $actsAs = array('Acl' => array('requester'));
function parentNode() {
return null;
}
How would I set it up to user TEACHER ans STUDENT as you suggest using ACL?
Thanks,
Dave
-----Original Message-
From: dr. Hannibal Lecter [mailto:lecter...@gmail.com]
Sent: March-16-09 8:20 AM
To: CakePHP
Subject: Re: Users with ACL problem
What brian is suggesting is the following:
1. Right not your ARO (requester) is a User, which forces you to distinguish
between students and teachers 2. If you make Teacher an ARO and Student
another ARO, you eliminate that problem (this is easily done with ACL)
On Mar 16, 3:12 am, "Dave Maharaj :: WidePixels.com"
wrote:
> Over my head...this is my first attempt using Cake and with ACL and
> AUTH and everything else its just overwhelming... So I am not even
> sure what your trying to explain to me. Forgive my rookie aspect.
> Still trying to figure out the contain message you sent to me.
>
> When you want to list your Bookmark, use contain to grab the Post
> info, as well.
>
> 'contain' => array(
> 'Post' => array(
> 'fields' => array(
> 'title', 'description'
> )
> )
> )
> I am not using the list. Its all showing up in the "related" info
> that shows up on the index page of the user/view so the user can see
> his bookmarks on his page.
>
> Thanks,
>
> Dave
>
> -Original Message-
> From: brian [mailto:bally.z...@gmail.com]
> Sent: March-15-09 11:29 PM
> To: cake-php@googlegroups.com
> Subject: Re: Users with ACL problem
>
> Actually, I was going somewhere else with this but ... couldn't you
> just assign the ARO to Teacher instead of User? AFAIK, there's no
> reason an ARO can't be assigned to something other than a User.
>
> On Sun, Mar 15, 2009 at 9:49 PM, Dave Maharaj :: WidePixels.com
> wrote:
>
> > Yes that is correct. Both the TEACHERS and STUDENTS have a user_id
> > field which is the USER ID.
>
> > -Original Message-
> > From: brian [mailto:bally.z...@gmail.com]
> > Sent: March-15-09 10:20 PM
> > To: cake-php@googlegroups.com
> > Subject: Re: Users with ACL problem
>
> > But Teacher should also have a user_id field, yes?
>
> > On Su
RE: Users with ACL problem
So I know this may be a stupid question as it is all new to me. In my setup
I have:
So in english to my understanding is that this links the USER to a GROUP,
and based on user permissions says what the USER can , can not do? But not
sure how to accomplish what you suggest in linking the TEACHER and STUDENT
based on user_id
USER MODEL:
var $actsAs = array('Acl' => array('requester'));
function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
$data = $this->data;
if (empty($this->data)) {
$data = $this->read();
}
if (!$data['User']['group_id']) {
return null;
} else {
return array('Group' => array('id' =>
$data['User']['group_id']));
}
}
GROUP MODEL:
var $actsAs = array('Acl' => array('requester'));
function parentNode() {
return null;
}
How would I set it up to user TEACHER ans STUDENT as you suggest using ACL?
Thanks,
Dave
-Original Message-
From: dr. Hannibal Lecter [mailto:lecter...@gmail.com]
Sent: March-16-09 8:20 AM
To: CakePHP
Subject: Re: Users with ACL problem
What brian is suggesting is the following:
1. Right not your ARO (requester) is a User, which forces you to distinguish
between students and teachers 2. If you make Teacher an ARO and Student
another ARO, you eliminate that problem (this is easily done with ACL)
On Mar 16, 3:12 am, "Dave Maharaj :: WidePixels.com"
wrote:
> Over my head...this is my first attempt using Cake and with ACL and
> AUTH and everything else its just overwhelming... So I am not even
> sure what your trying to explain to me. Forgive my rookie aspect.
> Still trying to figure out the contain message you sent to me.
>
> When you want to list your Bookmark, use contain to grab the Post
> info, as well.
>
> 'contain' => array(
> 'Post' => array(
> 'fields' => array(
> 'title', 'description'
> )
> )
> )
> I am not using the list. Its all showing up in the "related" info
> that shows up on the index page of the user/view so the user can see
> his bookmarks on his page.
>
> Thanks,
>
> Dave
>
> -Original Message-
> From: brian [mailto:bally.z...@gmail.com]
> Sent: March-15-09 11:29 PM
> To: cake-php@googlegroups.com
> Subject: Re: Users with ACL problem
>
> Actually, I was going somewhere else with this but ... couldn't you
> just assign the ARO to Teacher instead of User? AFAIK, there's no
> reason an ARO can't be assigned to something other than a User.
>
> On Sun, Mar 15, 2009 at 9:49 PM, Dave Maharaj :: WidePixels.com
> wrote:
>
> > Yes that is correct. Both the TEACHERS and STUDENTS have a user_id
> > field which is the USER ID.
>
> > -Original Message-
> > From: brian [mailto:bally.z...@gmail.com]
> > Sent: March-15-09 10:20 PM
> > To: cake-php@googlegroups.com
> > Subject: Re: Users with ACL problem
>
> > But Teacher should also have a user_id field, yes?
>
> > On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com
> > wrote:
> >> I think I may have caused my self more of a headache then necessary
> >> and would like to hear your thoughts on my set up.
>
> >> On my site there are 2 different GROUPS a USER can sign up as. Each
> >> form creates the USER and corresponding TEACHER profile (table has
> >> USER_ID) or STUDENT profile (table has USER_ID). So when either
> >> signs up it creates a USER and a TEACHER or STUDENT with the
> >> USER_ID being the
> > USER ID.
>
> >> I chose to break the USERS for the TEACHERS and STUDENT because the
> >> profiles are completely different and have different validation
criteria.
>
> >> Now when add the Auth and ACL I want to now set it so the TEACHER
> >> or STUDENT can edit their own contributions to the site. Where I am
> >> finding the headache is when checking to see if the user can
> >> perform
> > specific actions.
> >> For example a TEACHER adds a new test the only person who can edit
> >> that test would be the teacher who created it (among many other
> >> owner related operation). But when the test was created it was done
> >> so by using the teacher id and AUTH checks the User id. Now I am
> >> sure I can get the user id front the teacher id but that seems like
> >> more work
Re: Users with ACL problem
What brian is suggesting is the following: 1. Right not your ARO (requester) is a User, which forces you to distinguish between students and teachers 2. If you make Teacher an ARO and Student another ARO, you eliminate that problem (this is easily done with ACL) On Mar 16, 3:12 am, "Dave Maharaj :: WidePixels.com" wrote: > Over my head...this is my first attempt using Cake and with ACL and AUTH and > everything else its just overwhelming... So I am not even sure what your > trying to explain to me. Forgive my rookie aspect. Still trying to figure > out the contain message you sent to me. > > When you want to list your Bookmark, use contain to grab the Post info, as > well. > > 'contain' => array( > 'Post' => array( > 'fields' => array( > 'title', 'description' > ) > ) > ) > I am not using the list. Its all showing up in the "related" info that > shows up on the index page of the user/view so the user can see his > bookmarks on his page. > > Thanks, > > Dave > > -----Original Message- > From: brian [mailto:bally.z...@gmail.com] > Sent: March-15-09 11:29 PM > To: cake-php@googlegroups.com > Subject: Re: Users with ACL problem > > Actually, I was going somewhere else with this but ... couldn't you just > assign the ARO to Teacher instead of User? AFAIK, there's no reason an ARO > can't be assigned to something other than a User. > > On Sun, Mar 15, 2009 at 9:49 PM, Dave Maharaj :: WidePixels.com > wrote: > > > Yes that is correct. Both the TEACHERS and STUDENTS have a user_id > > field which is the USER ID. > > > -Original Message- > > From: brian [mailto:bally.z...@gmail.com] > > Sent: March-15-09 10:20 PM > > To: cake-php@googlegroups.com > > Subject: Re: Users with ACL problem > > > But Teacher should also have a user_id field, yes? > > > On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com > > wrote: > >> I think I may have caused my self more of a headache then necessary > >> and would like to hear your thoughts on my set up. > > >> On my site there are 2 different GROUPS a USER can sign up as. Each > >> form creates the USER and corresponding TEACHER profile (table has > >> USER_ID) or STUDENT profile (table has USER_ID). So when either signs > >> up it creates a USER and a TEACHER or STUDENT with the USER_ID being > >> the > > USER ID. > > >> I chose to break the USERS for the TEACHERS and STUDENT because the > >> profiles are completely different and have different validation criteria. > > >> Now when add the Auth and ACL I want to now set it so the TEACHER or > >> STUDENT can edit their own contributions to the site. Where I am > >> finding the headache is when checking to see if the user can perform > > specific actions. > >> For example a TEACHER adds a new test the only person who can edit > >> that test would be the teacher who created it (among many other owner > >> related operation). But when the test was created it was done so by > >> using the teacher id and AUTH checks the User id. Now I am sure I can > >> get the user id front the teacher id but that seems like more work > >> than needed because when it comes to the STUDENT side of the site > >> everything will have to be done the same way to find the USER ID > >> there as > > well. > > >> Another problem is the TEACHERS have a lot of HABTM tables where they > >> can select SUPPLIES , BOOKS, SKILLS...etc related to their TEST or > >> EXAM they create which are all related to the TEACHER thru the > >> teacher id not the user_id. > > >> In theory I would like to use only the user id but in my situation is > >> that possible because I choose to break up my users? > > >> Thanks for you time and insight to all... > > >> Dave > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
RE: Users with ACL problem
Over my head...this is my first attempt using Cake and with ACL and AUTH and everything else its just overwhelming... So I am not even sure what your trying to explain to me. Forgive my rookie aspect. Still trying to figure out the contain message you sent to me. When you want to list your Bookmark, use contain to grab the Post info, as well. 'contain' => array( 'Post' => array( 'fields' => array( 'title', 'description' ) ) ) I am not using the list. Its all showing up in the "related" info that shows up on the index page of the user/view so the user can see his bookmarks on his page. Thanks, Dave -Original Message- From: brian [mailto:bally.z...@gmail.com] Sent: March-15-09 11:29 PM To: cake-php@googlegroups.com Subject: Re: Users with ACL problem Actually, I was going somewhere else with this but ... couldn't you just assign the ARO to Teacher instead of User? AFAIK, there's no reason an ARO can't be assigned to something other than a User. On Sun, Mar 15, 2009 at 9:49 PM, Dave Maharaj :: WidePixels.com wrote: > > Yes that is correct. Both the TEACHERS and STUDENTS have a user_id > field which is the USER ID. > > -Original Message- > From: brian [mailto:bally.z...@gmail.com] > Sent: March-15-09 10:20 PM > To: cake-php@googlegroups.com > Subject: Re: Users with ACL problem > > > But Teacher should also have a user_id field, yes? > > On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com > wrote: >> I think I may have caused my self more of a headache then necessary >> and would like to hear your thoughts on my set up. >> >> On my site there are 2 different GROUPS a USER can sign up as. Each >> form creates the USER and corresponding TEACHER profile (table has >> USER_ID) or STUDENT profile (table has USER_ID). So when either signs >> up it creates a USER and a TEACHER or STUDENT with the USER_ID being >> the > USER ID. >> >> I chose to break the USERS for the TEACHERS and STUDENT because the >> profiles are completely different and have different validation criteria. >> >> Now when add the Auth and ACL I want to now set it so the TEACHER or >> STUDENT can edit their own contributions to the site. Where I am >> finding the headache is when checking to see if the user can perform > specific actions. >> For example a TEACHER adds a new test the only person who can edit >> that test would be the teacher who created it (among many other owner >> related operation). But when the test was created it was done so by >> using the teacher id and AUTH checks the User id. Now I am sure I can >> get the user id front the teacher id but that seems like more work >> than needed because when it comes to the STUDENT side of the site >> everything will have to be done the same way to find the USER ID >> there as > well. >> >> Another problem is the TEACHERS have a lot of HABTM tables where they >> can select SUPPLIES , BOOKS, SKILLS...etc related to their TEST or >> EXAM they create which are all related to the TEACHER thru the >> teacher id not the user_id. >> >> In theory I would like to use only the user id but in my situation is >> that possible because I choose to break up my users? >> >> Thanks for you time and insight to all... >> >> Dave >> > >> > > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Users with ACL problem
Actually, I was going somewhere else with this but ... couldn't you just assign the ARO to Teacher instead of User? AFAIK, there's no reason an ARO can't be assigned to something other than a User. On Sun, Mar 15, 2009 at 9:49 PM, Dave Maharaj :: WidePixels.com wrote: > > Yes that is correct. Both the TEACHERS and STUDENTS have a user_id field > which is the USER ID. > > -Original Message- > From: brian [mailto:bally.z...@gmail.com] > Sent: March-15-09 10:20 PM > To: cake-php@googlegroups.com > Subject: Re: Users with ACL problem > > > But Teacher should also have a user_id field, yes? > > On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com > wrote: >> I think I may have caused my self more of a headache then necessary >> and would like to hear your thoughts on my set up. >> >> On my site there are 2 different GROUPS a USER can sign up as. Each >> form creates the USER and corresponding TEACHER profile (table has >> USER_ID) or STUDENT profile (table has USER_ID). So when either signs >> up it creates a USER and a TEACHER or STUDENT with the USER_ID being the > USER ID. >> >> I chose to break the USERS for the TEACHERS and STUDENT because the >> profiles are completely different and have different validation criteria. >> >> Now when add the Auth and ACL I want to now set it so the TEACHER or >> STUDENT can edit their own contributions to the site. Where I am >> finding the headache is when checking to see if the user can perform > specific actions. >> For example a TEACHER adds a new test the only person who can edit >> that test would be the teacher who created it (among many other owner >> related operation). But when the test was created it was done so by >> using the teacher id and AUTH checks the User id. Now I am sure I can >> get the user id front the teacher id but that seems like more work >> than needed because when it comes to the STUDENT side of the site >> everything will have to be done the same way to find the USER ID there as > well. >> >> Another problem is the TEACHERS have a lot of HABTM tables where they >> can select SUPPLIES , BOOKS, SKILLS...etc related to their TEST or >> EXAM they create which are all related to the TEACHER thru the teacher >> id not the user_id. >> >> In theory I would like to use only the user id but in my situation is >> that possible because I choose to break up my users? >> >> Thanks for you time and insight to all... >> >> Dave >> > >> > > > > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
RE: Users with ACL problem
Yes that is correct. Both the TEACHERS and STUDENTS have a user_id field which is the USER ID. -Original Message- From: brian [mailto:bally.z...@gmail.com] Sent: March-15-09 10:20 PM To: cake-php@googlegroups.com Subject: Re: Users with ACL problem But Teacher should also have a user_id field, yes? On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com wrote: > I think I may have caused my self more of a headache then necessary > and would like to hear your thoughts on my set up. > > On my site there are 2 different GROUPS a USER can sign up as. Each > form creates the USER and corresponding TEACHER profile (table has > USER_ID) or STUDENT profile (table has USER_ID). So when either signs > up it creates a USER and a TEACHER or STUDENT with the USER_ID being the USER ID. > > I chose to break the USERS for the TEACHERS and STUDENT because the > profiles are completely different and have different validation criteria. > > Now when add the Auth and ACL I want to now set it so the TEACHER or > STUDENT can edit their own contributions to the site. Where I am > finding the headache is when checking to see if the user can perform specific actions. > For example a TEACHER adds a new test the only person who can edit > that test would be the teacher who created it (among many other owner > related operation). But when the test was created it was done so by > using the teacher id and AUTH checks the User id. Now I am sure I can > get the user id front the teacher id but that seems like more work > than needed because when it comes to the STUDENT side of the site > everything will have to be done the same way to find the USER ID there as well. > > Another problem is the TEACHERS have a lot of HABTM tables where they > can select SUPPLIES , BOOKS, SKILLS...etc related to their TEST or > EXAM they create which are all related to the TEACHER thru the teacher > id not the user_id. > > In theory I would like to use only the user id but in my situation is > that possible because I choose to break up my users? > > Thanks for you time and insight to all... > > Dave > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Users with ACL problem
But Teacher should also have a user_id field, yes? On Sun, Mar 15, 2009 at 8:09 PM, Dave Maharaj :: WidePixels.com wrote: > I think I may have caused my self more of a headache then necessary and > would like to hear your thoughts on my set up. > > On my site there are 2 different GROUPS a USER can sign up as. Each form > creates the USER and corresponding TEACHER profile (table has USER_ID) or > STUDENT profile (table has USER_ID). So when either signs up it creates a > USER and a TEACHER or STUDENT with the USER_ID being the USER ID. > > I chose to break the USERS for the TEACHERS and STUDENT because the profiles > are completely different and have different validation criteria. > > Now when add the Auth and ACL I want to now set it so the TEACHER or STUDENT > can edit their own contributions to the site. Where I am finding the > headache is when checking to see if the user can perform specific actions. > For example a TEACHER adds a new test the only person who can edit that test > would be the teacher who created it (among many other owner related > operation). But when the test was created it was done so by using the > teacher id and AUTH checks the User id. Now I am sure I can get the user id > front the teacher id but that seems like more work than needed because when > it comes to the STUDENT side of the site everything will have to be done the > same way to find the USER ID there as well. > > Another problem is the TEACHERS have a lot of HABTM tables where they can > select SUPPLIES , BOOKS, SKILLS...etc related to their TEST or EXAM they > create which are all related to the TEACHER thru the teacher id not the > user_id. > > In theory I would like to use only the user id but in my situation is that > possible because I choose to break up my users? > > Thanks for you time and insight to all... > > Dave > > > --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
