At the moment I'm working on a plugin which is to be shared between multiple applications, the plugin has its own database connection which can be used in any application. i.e. If I have a table named plugin_categories, each application using the plugin can access the same records using the URL host.com/plugin/plugin_categories/
However! My plugin automatically detects which application is running it and I've started to restrict access to certain records in a "hasMany through" fashion. Currently I've tested this method and it works, if I access the plugin from "app one" www.mysite1.dev it will only show me categories associated to "app one". Likewise with "app two: www.mysite2.dev"
I can continue how I am going but it is going to increase the workload and require extra queries to the database for simple requests, not to mention having to wrap a lot of model methods with custom functionality to ensure the desired results. What I really want to do is use ACL but my issue lies here:
- If I activate ACL to restrict data on an application level, will it stop me using it on a user-authentication level to restrict actions and controllers?
- Also, before answering that... Can I use ACL to restrict records retrieved from a find query rather than restrict access to methods?
Heh I probably didn't word this correct but it's 2 minutes past hometime!
--
Kind Regards
Stephen
http://www.ninjacodermonkey.co.uk
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment