Hi people.
I am using cakephp 2.x, and I am trying to build a system with group permissions, ok, I used Acl and Auth component without problem.
Now I want to configure access to specific data. for example:
we have a blog app, and we have users, posts, etc.
an admin can do anything(no problems);
a post is posted by a user. (some problems here);
With acl I configured that admin group can do anything. and that user group can just do anything in posts(add, list, edit, delete). everything is working.
But I dont want a user to edit,delete,list posts that were not created by him.
I used to do it with the method isAuthorized(), but imagining a big app, I think it will be too hard to codify it.
is there a "clean" way to do it???
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment