> Sorry, this is getting away from the original question.
> Nothing to do with the actual function of getting the data just simply the
> hypothetical way to check if it's the owner or not. Just the way the code is
> structured.
>
> 1.attempt to get data based on the $id requested (the function will either
> find something or not is all we are concerned about for the example)
> 2.if record found do something with data
> 2a. if no data found for whatever reason, no record exists, not correct user
> requesting record, not logged in....anything.
>
> How do you check if the request for a record belong to user?
> Im referring to the code how its written not the actual functionality of if
> found / correct user / auth
>
> When you check your requests against user sure you check if the user owns
> the record, I'm interested in the flow process of how others go about it, if
> im doing it right, if there is a better way, easier way?
>
> JUST THIS BELOW (THE STRUCTURE / WORK FLOW )
> ____________________________
>
> Function edit($id){
> $data = $this->User->somefunctionToReturnUserRecord( $id, $auth_id);
>
> If($data){
> //do something with data
> }
> If (!$data){
> //something went wrong
> }
> }
>
I'm not entirely sure what you're getting at. But, if the User hasMany
Record, and the method param is the Record.id, I guess it makes most
sense to first fetch the Record, then test if it's empty. If empty,
return not found error. If not, then check $data['Record']['user_id']
against $this->Auth->user('id') and respond accordingly.
Is that what you're asking?
Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
No comments:
Post a Comment