If you are sticking to a very basic level, like user x can edit his own
records and not others, then it is OK. However, as your application
grows, you may not find this good enough for management, and it will start
giving you nightmares later on. I would suggest going with ACL, as it
does not add that much of an overhead as you might think!

Cheers,
Ketan


starkey wrote:
> I do not think I'd use ACL for this.  I'd do as you suggest and check
> the current userid against the create_by userid.  Also, I would not
> give them an "edit" or "view" link if they aren't allowed to edit/view
> it, they would just get confused if the option is there but they can't
> use it.
>
> Regards,
> Shawn
>
>
> On Aug 1, 9:41 am, luke BAKING barker <[EMAIL PROTECTED]> wrote:
> > Hi
> >
> > What is the best way in a Cake app to allow a User to
> > view/edit (etc) their own Profiles / Posts and so on?
> >
> > Rather than create a separate ARO (as Ketan Bakery tutorial suggests),
> > I need to basically have a separate test in each action I guess
> > something  like so:
> >
> > //pseudocode
> > function edit($id) {
> >     ...
> >     // Model::read() takes ($fields, $id), so the id goes second
> >     $relevant = $this->Post->read(null, $id);
> >     if ($this->session->USERID === $relevant['Post']['user_id']) {
> >         // it's OK, show them the view
> >     } else {
> >         // this Post was not by this User, so they can't update it!
> >         $this->redirect();
> >     }
> > }
> >
> > does that make sense?
> >
> > I am learning the usage of Acl in 1.2 just now and this is perplexing
> > me on how to do this with minimum of fuss.
> >
> > I don't know if it can be integrated / should be into Acl and Auth
> > part of my web-app?
> >
> > thanks for any advice with this pattern,
> >
> > regards
> >
> > Luke
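
An added example, not code from the thread or from CakePHP: the per-record ownership check Luke sketches, written as plain PHP so it runs without the framework. The function names and the `$posts` array are hypothetical; the check is also applied on the save path, and ids are compared as strings because a strict `===` between an integer session id and a string database id would lock out the owner.

```php
<?php
// Added example; findPost, canEdit, updatePost and $posts are hypothetical names.

// Constructed sample rows standing in for the posts table.
// Database drivers commonly hand ids back as strings.
$posts = array(
    '1' => array('id' => '1', 'user_id' => '10', 'title' => 'Mine'),
    '2' => array('id' => '2', 'user_id' => '11', 'title' => 'Someone else'),
);

function findPost(array $posts, $id) {
    $key = (string) $id;
    return isset($posts[$key]) ? $posts[$key] : null;
}

// Ownership test: deny when nobody is logged in or the record is missing,
// and normalise both ids so int 10 and string '10' compare equal.
function canEdit($currentUserId, $post) {
    if ($currentUserId === null || $post === null) {
        return false;
    }
    return (string) $currentUserId === (string) $post['user_id'];
}

// The same check guards the save, not only the display of the form.
// Only whitelisted fields are copied, so a submitted 'user_id'
// cannot hand the record to another account.
function updatePost(array &$posts, $currentUserId, $id, array $submitted) {
    $post = findPost($posts, $id);
    if (!canEdit($currentUserId, $post)) {
        return false; // caller redirects or answers 403
    }
    foreach (array('title') as $field) {
        if (isset($submitted[$field])) {
            $posts[(string) $id][$field] = $submitted[$field];
        }
    }
    return true;
}

var_dump(updatePost($posts, 10, 1, array('title' => 'Edited')));    // owner, int session id
var_dump(updatePost($posts, 10, 2, array('title' => 'Hijacked')));  // another user's post
var_dump(updatePost($posts, null, 1, array('title' => 'Anon')));    // not logged in
var_dump(updatePost($posts, 10, 99, array('title' => 'Missing')));  // no such record
updatePost($posts, 10, 1, array('user_id' => '11'));                // owner field is ignored
var_dump($posts['1']['user_id']);
```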

