Thanks for the tip. I read through some stuff on Cake's ACLs before, but never really picked up on the possibilities for row level security because most tutorials focus on action level restriction.
After some more reading, it looks like what I need is to use Model.id style aros and acos along with AuthComponent in crud mode. I found this article helpful: http://bakery.cakephp.org/articles/view/how-to-use-acl-in-1-2-x On Jun 3, 7:25 pm, "Dardo Sordi Bogado" <[EMAIL PROTECTED]> wrote: > PS: And I forgot, have a look at the ACL Behavior. > > On Tue, Jun 3, 2008 at 11:18 PM, Dardo Sordi Bogado > > <[EMAIL PROTECTED]> wrote: > >> What I mean by 'ownership based' is that authorization is based on > >> object relationships in the database, not on ACLs which consider URLs > >> or controller actions. > > > That is one mode of operation of the Auth component, there are others > > you might want to readhttp://book.cakephp.org/view/396/authorize. > > > Also ACLs can be used separated from the Auth component and are a good > > fit for doing what you are saying. > > > Regards, > > - Dardo Sordi. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
