Thanks for posting this. I'm currently trying to work out how to do
this. I took a look at your behavior and think it'd work for me.
About the point you mentioned with Tree-based models: I'd think that
if a User needed to be granted access to some row which had a parent
that the User had been denied then the layout of your tree is wrong.
If you think about a filesystem, if user cannot read/execute some
directory, there's no point in having a file somewhere under it which
gives read perms.
My situation is that I have several Groups, and I need to restrict
which branches of a Volume tree they can see. Basically, like
filesystem tree, in fact. So, I was faced with having to fetch all
available Volume.id and pass those to my find('threaded') call, like
you mention how Mark Story put it: "you have to know the answer to the
question before you even ask it". This works, but seems sub-optimal.
Anyway, I'll give this a go later. Thanks again.
On Mon, Apr 6, 2009 at 9:46 AM, jmcneese <[email protected]> wrote:
>
> since i've seen it talked about in the groups many, many, MANY times:
>
> http://jmcneese.wordpress.com/2009/04/05/row-level-model-access-control-for-cakephp/
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
