@Rihad
If a user that is not logged in is directed to your app somehow (a
link from somewhere, or types in a URL manually), then you would
expect them to be redirected to the login page with a notice that they
must be logged in in order to access that resource.
If a user is logged in and attempts to access a resource for which
they do not have permissions, then they should probably be redirected
back to the last page visited, with a notice that they do not have
access to the requested resource. Sending them to a login page would
imply that the same person has multiple credentials that he or she
would use to access different resources on your site.
The best solution, I would think, is not offer resources (links) in
the view if the currently logged in user does not have sufficient
permissions to access them.
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
Tuesday, May 29, 2012
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment