Re: One app, many roles and priviledges. How?

2008-06-03 Thread mbavio 

I repeat what I put in the other post, have you heard of ACL?

With a correct ACL tree, you can limit access depending on the role,
just like the thing that you wanna do. Of course, if for example you
have differente edits for different roles, then there is no ACL that
can help you. But with the scenario that you gave, ACL is enough.

Cheers,
mbavio

On Jun 2, 4:08 pm, James K [EMAIL PROTECTED] wrote:
 Unless the different roles have access to totally different
 functionality, I don't see why you'd want to do this.

 It'd be much easier to have the form(s) customize themselves based on
 what the user's role is - or better yet, implement an ACL tree to
 cover all the different functionalities available to each role.

 On Jun 2, 10:20 am, Jaime [EMAIL PROTECTED] wrote:

  Hello everybody,

  This topic is quite similar 
  tohttp://groups.google.com/group/cake-php/browse_thread/thread/35900a65...
  which remains still unresolved.

  It's just about a common scenario while building a corporate Intranet.

  There is a fine DB and many models with their relationships...
  There are also lots of users, and each users belongs to a role.

  So the MANAGERS can add/edit/delete everything, but (let's say)
  WORKERS can only read/write to some things, and last, CUSTOMERS can
  only read a part of the data.

  Cake's admin routes are nice, but are designed for a simpler scenario
  (Users vs. Admins), so won't help here.

  The only thing I can imagin is quite LAME:

  class contract_controller extends AppController {

function _edit_contract_by_laywer($id) {
  ...my_lame_private_method...
}

function _edit_contract_by_broker($id) {
  ...my_lame_private_method...
}

function _edit_contract_by_manager($id) {
  ...my_lame_private_method...
}

function edit($id) {

  if ($role == 'LAYWER') {
$this-_edit_contract_by_laywer($id);
$this-render('edit_contract_by_lawyer');
  }
  elseif ($role == 'BROKWER') {
$this-_edit_contract_by_broker($id);
$this-render('edit_contract_by_broker');
  }
  elseif ($role == 'MANAGER') {
$this-_edit_contract_by_manager($id);
$this-render('edit_contract_by_manager');
  }

}

  }
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---

Re: One app, many roles and priviledges. How?

2008-06-02 Thread grigri 

You might find this article interesting:
http://bakery.cakephp.org/articles/view/using-cake_admin-for-multiple-user-types
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---

Re: One app, many roles and priviledges. How?

2008-06-02 Thread Jaime 

On 2 jun, 14:20, Jaime [EMAIL PROTECTED] wrote:
 Cake's admin routes are nice, but are designed for a simpler scenario
 (Users vs. Admins), so won't help here.

Since CakePHP 1.2 there is the possibility to define custom prefix
routing, so it can be possible to do something like:

Router::connect('/brokers/contract/edit', array('prefix' =
'brokers'));
Router::connect('/laywers/contract/edit', array('prefix' =
'laywers'));
Router::connect('/managers/contract/edit', array('prefix' =
'managers'));

And then define the contract_controller like:

class contract_controller extends AppController {

  function brokers_edit($id) {
...my_private_method...
  }

  function managers_edit($id) {
...my_private_method...
  }

  function lawyers_edit($id) {
...my_private_method...
  }

}

Which looks to me better than the horrible if/elseif/elseif structure
suggested before.

Any guru out there willing to give a piece of advice on how to improve
this?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---

Re: One app, many roles and priviledges. How?

2008-06-02 Thread grigri 


 Since CakePHP 1.2 there is the possibility to define custom prefix
 routing, so it can be possible to do something like:

 Router::connect('/brokers/contract/edit', array('prefix' =
 'brokers'));
 Router::connect('/laywers/contract/edit', array('prefix' =
 'laywers'));
 Router::connect('/managers/contract/edit', array('prefix' =
 'managers'));

Cool! How did I miss that?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---

Re: One app, many roles and priviledges. How?

2008-06-02 Thread James K 

Unless the different roles have access to totally different
functionality, I don't see why you'd want to do this.

It'd be much easier to have the form(s) customize themselves based on
what the user's role is - or better yet, implement an ACL tree to
cover all the different functionalities available to each role.

On Jun 2, 10:20 am, Jaime [EMAIL PROTECTED] wrote:
 Hello everybody,

 This topic is quite similar 
 tohttp://groups.google.com/group/cake-php/browse_thread/thread/35900a65...
 which remains still unresolved.

 It's just about a common scenario while building a corporate Intranet.

 There is a fine DB and many models with their relationships...
 There are also lots of users, and each users belongs to a role.

 So the MANAGERS can add/edit/delete everything, but (let's say)
 WORKERS can only read/write to some things, and last, CUSTOMERS can
 only read a part of the data.

 Cake's admin routes are nice, but are designed for a simpler scenario
 (Users vs. Admins), so won't help here.

 The only thing I can imagin is quite LAME:

 class contract_controller extends AppController {

   function _edit_contract_by_laywer($id) {
     ...my_lame_private_method...
   }

   function _edit_contract_by_broker($id) {
     ...my_lame_private_method...
   }

   function _edit_contract_by_manager($id) {
     ...my_lame_private_method...
   }

   function edit($id) {

     if ($role == 'LAYWER') {
       $this-_edit_contract_by_laywer($id);
       $this-render('edit_contract_by_lawyer');
     }
     elseif ($role == 'BROKWER') {
       $this-_edit_contract_by_broker($id);
       $this-render('edit_contract_by_broker');
     }
     elseif ($role == 'MANAGER') {
       $this-_edit_contract_by_manager($id);
       $this-render('edit_contract_by_manager');
     }

   }

 }
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---