Hi Lowpass,
ok, thanks I will try to use the core ACL, but the question still remains in my mind what shall be done in the similar situations, where is the right place to put such a shared code?
regards,
Mohammad
________________________________________
Java & C# desktop developer
PHP web developer
On Tue, Mar 12, 2013 at 12:51 AM, lowpass <zijn.digital@gmail.com> wrote:
The built-in ACL functionality would be the best approach. See here:
http://mark-story.com/posts/view/auth-and-acl-an-end-to-end-tutorial-pt-1
That tutorial is for an older version of Cake but the differences are moderate.
And see this one for some ideas for being able to check access from
within your views:
http://net.tutsplus.com/tutorials/php/how-to-use-cakephps-access-control-lists/
> --
On Mon, Mar 11, 2013 at 11:26 AM, Mohammad Naghavi <mohamnag@gmail.com> wrote:
> Hi All,
> I know that this question has possibly been asked multiple times, I have
> been searching for a right answer during the last days and did not find a
> proper one. in addition to that most of the answers I found were related to
> older versions of the CakePHP and now I want what does the new Cake offer.
>
> the problem is that I have a functionality which is based on multiple models
> and controllers so that these controllers and models change the
> functionality properly. Now I need to have a component and a helper which
> have to use that functionality too. Now the question is where shall I put
> the code which is used by my helper and component? in controller or in
> model?
>
> to be concrete I have following models: User, Group and Permission where
> User HABTM Group, Group HABTM Permission. I have the controllers
> (accompanying their views) for adding, removing, signing in/out, assigning
> the Users to Groups and Permissions to Groups. Now I need a component for
> core Auth component to authorize the User's access to resources (based on
> controller, action and some times even object based) and I need a helper to
> filter out the not authorized links. I need also this authorization logic at
> some other places inside other controllers too (for example to if a used is
> allowed to do some thing at all or not). and the question is where shall
> this authorization logic reside? multiple copies inside helper and component
> and also in model? or all in one place (I can just imagine the User model)
> and always access that? in this case is the access to model inside helper
> and component not discouraged?
>
> thanks for any idea and help to solve this problem.
>
> regards,
> Mohammad
>
> Like Us on FaceBook https://www.facebook.com/CakePHP
> Find us on Twitter http://twitter.com/CakePHP
>
> ---
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cake-php+unsubscribe@googlegroups.com.
> To post to this group, send email to cake-php@googlegroups.com.
> Visit this group at http://groups.google.com/group/cake-php?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment