On Tue, Jan 18, 2011 at 5:16 PM, Yaron <[email protected]> wrote:
> Hi,
> Is there a way to allow edit / delete only to certain rows and not
> all, via the Acl ?
> For example, let there be a blog with many users. I'd like users to be
> able to edit only the posts they have created, and not posts other
> users created. Of course the Post model has a user_id field to know
> which user created it.
Do yourself a favour and avoid ACL for this. It's not at all
necessary. In the controller, compare the Post.user_id against
$this->Auth->user('id') to see whther the user should be able to edit
it. In the view, compare Post.user_id against
$session->read('User.id') to test whether there should be an "edit"
link displayed.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
