Hi,
I am finally moving on with my first Cake Project. (Recipe Page) User
can add Recipes and of course they must be able to delete them aswell.
So if they are logged in, they see their own recipes. To secure other
recipes of being deleted, I wanted to use the Security Component. So I
added below in the recipe_controller function beforeFilter
if(!$this->canAccess($this->Auth->user('id'), $this->params['pass']
[0])) {
$this->Security->blackHoleCallback = 'accessError';
$this->Security->blackHole($this);
}
In my App Controller, I have now got the function accessError()
method and
function canAccess($userId = null, $primaryKey = null)
{
if($this->Recipe->find('first', array('conditions' => array
('recipe.user_id' => $userId, 'recipe.id'=> $primaryKey),
'recursive' => -1))) {
return true;
}
return false;
}
I would like now that the User stays on the same site, but gets an
Error Message displayed. How would the accessError method have to look
to achieve this? I have searched through the www, but could not find
any examples.
Hope you guys understand what I am looking for. Is this the right way
to achieve it or how are you securing against manipulation?
Look forward to some ideas. Thanks so much in advance.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
