Well, my setup is pretty crude, but works well.
I basically have the following structure:
User hasAndBelongsToMany Group
Group hasMany Permission
a permission is essentially a wildcard string...
id, group_id, permission, allow
1, 1, '/*', true
a component does a beforeFilter check on the requested URL and checks that
the user is in a group which 'allows' them to see that URL...(this isn't my
idea, I saw an implementation of it a couple of years back and rolled my
own flavour of it)
I then have a permissions helper which allows the view to detect whether or
not a given user is a member of a given group (implementation is an
exercise for the author).
so the permissions work 2 fold, firstly whether or not they can actually
get to the resource to begin with, and secondly check whether or not the
user is a member of a specific group.
You can then do things in your view like...
if($this->Permission->is('admin')) {
echo $this->element('admin.widget');
} else {
echo $this->element('user.widget');
}
ACL can be used to achieve a simillar result, however the one weakness I
found in ACL is you can't have a user belonging to multiple groups. So you
can't have a user who is a member of the Authors group, and also a member
of the Moderators group - unless all Authors are also Moderators in the ACL
tree.
The result is that an Author, or an Admin both go to the same resource
(/posts/view) but the content of the view is different depending on their
role(s).
On Mon, Jul 16, 2012 at 10:17 AM, Advantage+ <[email protected]> wrote:
> Thanks Greg,****
>
> ** **
>
> Could you tell me a bit more about your idea? I never have heard about
> that idea / approach so any details as to how exactly it would work. ****
>
> ** **
>
> Dave****
>
> ** **
>
> ** **
>
> *From:* [email protected] [mailto:[email protected]] *On
> Behalf Of *Greg Skerman
> *Sent:* Sunday, July 15, 2012 9:38 PM
>
> *To:* [email protected]
> *Subject:* Re: Admin / Prefix When Baking****
>
> ** **
>
> with 60 controllers I wouldn't use admin routing.
>
> I'd probably skip ACL (because it doesn't support users belonging to
> multiple groups), but a simple structure of User HasAndBelongsToMany Group,
> then a component which allows you do to something like
> $this->Permission->is('admin') etc to restrict access/conditionally load
> elements and so forth will be far easier to work with.
>
> ****
>
> On Mon, Jul 16, 2012 at 9:52 AM, romel javier gomez herrera <
> [email protected]> wrote:****
>
> hi.****
>
> ** **
>
> imagine that your system grows exponentially and has a complex
> organizational structure****
>
> ** **
>
> is more simple to define the role model and decorate the url with routes**
> **
>
> ** **
>
> bye****
>
> ** **
>
> ** **
>
> 2012/7/15 Advantage+ <[email protected]>****
>
> Yes they will be modified / removed for each where needed. ****
>
> But with 60 controllers that a lot of copy and paste. Just curious if
> there was a do all at once to save time. ****
>
> Easier to remove them where not needed rather than copy and paste for each
> J****
>
> ****
>
> Thanks all the same.****
>
> ****
>
> Dave****
>
> ****
>
> *From:* [email protected] [mailto:[email protected]] *On
> Behalf Of *Greg Skerman
> *Sent:* Sunday, July 15, 2012 9:13 PM
> *To:* [email protected]
> *Subject:* Re: Admin / Prefix When Baking****
>
> ****
>
> not sure, however you should be able to (basically) copy/paste the actions
> for admin_ and rename manager_ and editor_ - its not exactly 'dry'
> though...and I'd assume you are intending on modifying the logic for each
> anyway.
>
> ****
>
> On Sun, Jul 15, 2012 at 3:45 PM, Advantage+ <[email protected]> wrote:*
> ***
>
> I have 3 different Admin routing defined in core.php****
>
> Configure::write('Routing.prefixes', array('admin', 'manager' , 'editor'));
> ****
>
> ****
>
> so when baking it asks would you like to add the routing in controller
> 1/2/3 but it only bake's one set and doing it again will overwrite the
> original controller, is there a way to bake all views and controller
> actions for all admin routings at 1 time?****
>
> ****
>
> Thanks ****
>
> A+****
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php****
>
> ****
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php****
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php****
>
> ** **
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php****
>
> ** **
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php****
>
> --
> Our newest site for the community: CakePHP Video Tutorials
> http://tv.cakephp.org
> Check out the new CakePHP Questions site http://ask.cakephp.org and help
> others with their CakePHP related questions.
>
>
> To unsubscribe from this group, send email to
> [email protected] For more options, visit this group
> at http://groups.google.com/group/cake-php
>
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
