I agree with Jon about the "buy" button. But don't exclude the User.id from the find() or you'll confuse people who can't see their own products.
On Wed, Jul 8, 2009 at 8:04 PM, Jon Bennett<[email protected]> wrote: > >> I'd put the code deeper, in the Order (or even Cart if you've using a >> cart metaphor) model in the beforeSave() callback or perhaps as a >> validation rule to prevent purchases for those link directly to the >> product. > > Yep, good idea, but also a good idea to simply not show active users > their own items. Or not show the add to basket (or similar) button if > the item has a user_id that matches. > > j > >> >> On Wed, Jul 8, 2009 at 6:32 PM, Jon Bennett<[email protected]> wrote: >>> >>>> I have question on the best way of applying rules to types of actions >>>> on certain models with ownership properties. The application I'm >>>> building is a type of market place application where users are selling >>>> many items and others can bid on them and buy them. >>>> >>>> I understand that ACL is best for giving permission for request >>>> objects to access control objects. >>>> >>>> Where and how is the best way to implement the rule such that I can >>>> buy anyone's stuff but my own? Does ACL have support for complex >>>> rules on access? >>>> >>>> The models look like this: >>>> User hasMany Item >>>> Item belongsTo User >>> >>> Why not exclude the active (signed in) users id when retrieving items? >>> >>> $items = $this->Item->find('all', array( >>> 'conditions'=>array('Item.user_id !'=>$this->Auth->user('id')) >>> )); >>> >>> hth >>> >>> Jon >>> >>> -- >>> >>> jon bennett >>> w: http://www.jben.net/ >>> iChat (AIM): jbendotnet Skype: jon-bennett >>> >>> > >>> >> >> > >> > > > > -- > > jon bennett > w: http://www.jben.net/ > iChat (AIM): jbendotnet Skype: jon-bennett > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
