Wednesday, October 26, 2011

Going back to school: ACL

I have never implemented ACL in a CakePHP app. Not sure why; partly
because I never really took the time to get it, partly because the
control freak in me comes out (I can see the permissions code I write
but [because of my lack of understanding] the ACL and its tables are
dark) and partly because what I already do works. So I've taken the
time to go through the 2.0 tutorial to try and make that leap. I get
how it works but I have a couple of (possibly dumb) conceptual
questions because, right now, I am still not convinced.

(1) A user is in a Group. ACL can define permissions for that Group
and even for that user. How is this different to using prefix routing
where you can test for the presence of the prefix and membership of
the group?

(2) What if permissions are role based and a user can be in more than
one group? For example, a user can be a teacher, and a board member
(not all board members are teachers and not all teachers are board
members) and maybe even a student too. Their interaction with the app
'at that time' defines the role you should be checking for. I can see
how I'd program that; can I do many-to-many users-groups in ACL? How
would that work? If the answer is to apply individual permissions to
users, that's a lot of admin on a large system.

(3) By checking permissions against a database, is there not a
(however small) performance hit with the extra db query that is not
needed when permissions are defined in code?

Don't leap all over me for asking stoopid questions because I bet I
have asked what others are thinking! Sell me ACL!
