Re: Need advice for custom ACL

hi,

> in my app i need to (some examples):
>
> - ignore some validation rules if the user has "authorization X"
> - hide or modify some form fields if user hasn't "authorization Y"
> - do the usual ACL things ("if you're a Customer you can't modify
> users" and so on)
>
> not all of those "authorizations" are referred to a specific
> controller's action so cake's built-in ACL isn't very useful.
>
> in your opinion, what's the best way to implement this?

Not tried this, but could you:

1. Have multiple views per auth type, stops you needing to hide/show form fields
2. Have multiple Models that connect to the same table, each with a
different set of validation rules
3. Use the correct model above in your controller and views

... which would mean your ACL logic stays in the controller.

Might work,

Cheers,

Jon

--
jon bennett - www.jben.net - blog.jben.net

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.

To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php