You should use users and roles (user belongs to role) to manage this.
and try to stay away from ACL if possible (which in this case sounds like the case)
on top of different controllers/plugins to separate the access for each role, you can thaneasily switch access based on such a role - and also pull in related tables that extend the specific role
See www.dereuromark.de/2011/12/18/tinyauth-the-fastest-and-easiest-authorization-for-cake2/ on how to make a simple role based
access.
Am Donnerstag, 9. Januar 2014 18:38:35 UTC+1 schrieb Rafael Queiroz:
Well, it's correct, but not unique solution for you problem. You can create "Plugins" for Auth specified:
1. Plugin/Admin
2. Plugin/Buyer
3. Plugin/Supplier
4. Plugin/Technician
For each plugin exists one Controller, example AdminAppController, use Auth and configure useModel and sessionKey for you model Admin and so. In my opinion this is the best solution when each section is totally different.
On Thu, Jan 9, 2014 at 1:59 PM, WhyNotSmile <sharong...@gmail.com> wrote:
I'm building a system which has 4 types of user: Admin, Buyer, Supplier and Technician. They each have access to different areas of the site, and have different restrictions placed on what they can see. From what I've read in the book, the Acl component seems to be the best way to manage this, but having read all the sections on it several times, I'm still a bit confused, so before I launch into it, I'd like to make sure I'm heading in the right direction!--
Mainly, I'm not sure how to structure the database. From the CakePHP book, it seems like I should have 4 models, one for each user type - is that correct? Do I then need a User record for each person, which links to their corresponding record in the appropriate model? Otherwise, how does Authentication work - it needs you to be working with a 'User', right?
So I'm thinking I need to build the following structure:
Users - with username and password for everyone who can log in
Buyers - individual buyer record, including user_id to link back to User record
Suppliers - individual supplier record, including user_id
Admins - as above
Technicians - as above
And when a user is added, do I create their User and Buyer/Supplier/Admin/Technician record and then add them to the Acl?
It seems quite complex for what I'm doing, as I will have the same access levels for all Buyers, the same for all Suppliers etc., but the book seems to be saying that each person will then have a User record, a Buyer/Supplier etc record, and an Aro record.
Am I doing the right thing here?
Thanks!
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+u...@googlegroups.com .
To post to this group, send email to cake...@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php .
For more options, visit https://groups.google.com/groups/opt_out .
--
Atenciosamente,
Rafael F. Queiroz
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment