actions. so it doesn't effect. It gets more complicated when there are
table associations like hasMany,belongsTo and hasAndBelongsToMany
:)
On Apr 24, 3:55 pm, Fons Vandamme <fo...@ndamme.be> wrote:
> You can add a user_id to your post or whatever you want users/admins
> to delete. then you can use the afterFind to determine if the user can
> or can't do actions on that record.
>
> Hope this helps! should be easy to implement ;)
>
> On 24 apr, 09:28, Pankaj Agrawal <pankaj.visi...@gmail.com> wrote:
>
>
>
>
>
>
>
> > Hi,
>
> > I feel this is a must feature and should already be there. But after a
> > lot of searching I could only find ways to restrict users to
> > particular actions like view, add, delete.
>
> > I have Baked CURD pages for all my tables that are associated.
>
> > What I want is to be able to allow a particular user to be able to
> > list/view/edit/update/delete his own posts/profile etc only.
>
> > An Admin to be be able to list/view/edit/update/delete only his own
> > users and posts from his own users only.
>
> > And a particular admin to be able to do everything.
>
> > I am not able to find a way which can let any db query to be
> > restricted to certain conditions that specifies the ownership for the
> > user. For a direct php query it would be comparatively simple with
> > some extra where clause.
>
> > I did a lot of searching but I am so far disappointed regarding this
> > feature which is probably the core of any site.
>
> > Thanks for all your help.
>
> > - Pankaj
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment