Hi Paulo:
To answer your first question: give everyone access to every post by
*not*checking to see who owns it in the Controller::index() and
Controller::view() methods. Give only the post's writer the ability to
edit/delete the post by checking first to see who owns it in the
Hi rob, thanks for your answer, I already used that solution in some
projects, but I thought that there was an acl solution to do it but as I
see, there is no.
Thank you, WhoDidIt is very interesting.
Best regards
On Tuesday, December 25, 2012 1:35:59 PM UTC+2, Rob M wrote:
Hi Paulo:
To
I already used that way to solve what I want. I wanted something like acl
solution, hehe.
Thank you for your answer
Best regards
Paulo
On Tuesday, December 25, 2012 4:53:22 AM UTC+2, zuha wrote:
Is there a reason you don't just do access control in the controller then?
ie.
if
Hi Paulo: You are describing row-level access control, and I am doing that
with CakePHP 2.0 using a modified version of Daniel Vecchiato's WhoDidIt
Model Behavior
(https://github.com/danfreak/4cakephp/tree/master/models/behaviors). Then I
check in the controller to see if the id in the table
Hi Rob. Thanks for your answer, the behavior is very interesting.
I think I did not express myself well, I dont want just to set that a user
has only access to the posts he created.
I want also to configure for example:
We have hotels around a country from the same organization, so in each
Is there a reason you don't just do access control in the controller then?
ie.
if ($this-request-data['User']['creator_id'] ==
$this-Session-read('Auth.User.id')) {
$this-BlogPost-save($this-request-data);
}
BTW, Zuha has a behavior called the UsableBehavior which could probably be
Hi people.
I am using cakephp 2.x, and I am trying to build a system with group
permissions, ok, I used Acl and Auth component without problem.
Now I want to configure access to specific data. for example:
we have a blog app, and we have users, posts, etc.
an admin can do anything(no