I am asking for your idaes on a design problem because the solutions I
made up seem hacky.
I have a privileges checking behavoir and I navigate to the index view
of a model. On the index view there is the "action" column where
actions that can be invoked on each object are being displayed.
Now I just want to display actions that can actually be invoked after
passing privileges. I do not want the user to be able to click and
then read something like "No privilege to edit Post #4".
The easiest way is generally checking each action in per object in the
index view against a method from my behavoir that would return true or
falls like if(hasPrivilegeTo(array('action' => 'edit', 'onObject' =>
'5'))) { echo $actionLink }.
Now while this works I wonder who to connect the view with the model.
Evern with the other solutions below I have got the same problem.
Worse than that though is that there will be around 3 actions per
record. Displaying 10 records would result in 30 queries just for
privilege<->action checking. This is too much.
Solutions I made up:
1. Solution
I could generate a list of actions that can be invoked on a given
object by a given user - by asking my privileges behavoir - that would
reduce it to one query per object of the index/list view. In the view
I would have a foreach loop that adds action buttons.
Problem: Displaying 10 items would still result in 10 queries.
2. Solution:
I could do one query on afterFind of the list action and get a list of
every object -> actions possilbe and store that in an array. This
seems somewhat hacky and there is few more lines to do in the view
then to check. Generally a lot of things could be cached like that.
"Querying" arrays might be a lot harder though than "Querying" by SQL.
Problem: Seems hacky.
3. Solution
Another possibility would be to add a virtual fields per object on
afterFind. To do so I would get all actions on that object a user can
invoke on afterFind (just like in 2. Solution) and create a virtual
data field per object in the &$model->data array containing all actions.
In the view I could just compare to that query (like in 1. Solution)
Problem: Seems to be lots of work, could work well, no idea if this is
the way to go
Any idea how to do it with one query cake'ish? What are your thoughts?
King regards
Jonas Hartmann
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment