dr. Hannibal Lecter wrote:
> I'm halfway through the ACL implementation (well, almost...), and I
> was wondering: is it better to hide the links which are denied by ACL
> (we're talking about the already logged-in user), or show them and
> give the user the Auth message "not enough privileges"?
>
> Obviously, hiding all the denied links will make views a bit messier
> and slower to run overall, but user interface will be cleaner. Do you
> think it's worth it?
>
> Please note that I'm not talking just about the admin/regular user
> views, I'm talking about custom user groups *and* dynamic permissions.
I'm working on something similiar and decided to hide the links which
are denied by ACL.
Three main reasons:
1. As you said, the userinterface will be cleaner
2. Showing the links and giving the user a message "not privileged"
would result in a support nightmare. ("When I click on 'delete database'
the system tells me I can't do it. Why is that?")
3. Sometimes there are links of which I don't want some users to be
aware of. The application I'm developing right now generates several
reports about the data the users enter. Some of these reports are
available for all users, some only for a privileged user group. If the
unprivileged users would see the links for these reports someone would
have to explain to them why they can't access them...
Anyway, I'm still working on a proper, cake-like solution to generate
the menue according to the user's privileges.
At the moment I'm fumbling around with a component which receives an
array with all available links an returns an array with the allowed ones.
To make things a bit more complicated I have submenues. So if a user is
not allowed to access any of the submenu links he doesn't even see the
main menue point.
I'd like to hear other solutions, though...
Regards
Guenther
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
