On Wed, Jul 16, 2008 at 11:33 PM, Baz L <[EMAIL PROTECTED]> wrote: > BTW, what 'critical' data could you possibly need in the User session? > If you're displaying stuff on the website, why don't you read the > user_id from Auth and then the rest of the data from the actual table, > if it's critical? If it's critical, read it yourself. > > Also, the solutions above will only help you with a user editing their > own profile. This won't help with you scenario of changing user roles. > How is the application expected to log everyone off? You only > possibility is if you use database sessions, then I assume you'd be > able to clear those out in an afterSave() or something like that.
The need to edit another user's profile is more of an edge case. Having an Edit Profile is a more common situation and one where you'd want to keep the data in the session up-to-date. Otherwise, why bother having the AuthComponent store the entire User in the Session? Reading the data in again separately in some places separates similar functionality (ie: reading user id from the Auth session in some places and then reading the user name from another place). If we then move to always pull the User info from the same place, separate from the Auth session, then you're pulling the user data out twice, needlessly. The Auth session has it, it just needs to be refreshed and is the best approach, imo. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
