Thank you James; but I don't think that addresses the notion of adding
flexibility to rules so they are not absolute, but dependent upon
various criteria. For example, allow an ARO to access an ACO only
during a particular time window. Zend_Acl allows an assertion
construct to be passed to rule definitions for this purpose; I'm
wondering how one might go about doing that with CakePHP...
Thanks!
On Apr 23, 5:06 pm, James K <[EMAIL PROTECTED]> wrote:
> Cake provides perfectly generic, free-form ACL rules. It has built-in
> support for controller or action based ACL via the Auth Component, but
> you don't need to use either.
>
> I have very fine grained ACOs, and use AROs as roles.
>
> When I do an ACL check, I can write something like $this->Acl->check('role1',
> 'users/address/mailing', 'read') to see if role1 has
>
> access to other users mailing address information. You don't have to
> limit yourself to controller/action or any of the other methods you'll
> find outlined in the Bakery. You can build your ACO/ARO trees however
> you like and the check function will be able to check against them.
>
> On Apr 23, 12:44 pm, mcjustin <[EMAIL PROTECTED]> wrote:
>
> > Does CakePHP's ACL have anything like Zend_Acl's Assert
> > functionality?http://framework.zend.com/manual/en/zend.acl.advanced.html
>
> > Our application will have a large number of business rules, which we
> > need to limit access based on various non-constant criteria.
>
> > If not built into cake's ACL, could anyone suggest a way to
> > incorporate it?
>
> > Thanks!
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
