So i have users>roles, roles: administrator and moderator can create
events, administrator have all privileges but moderator can delete
only he own events best solutions for it ?
now i have that
$this->Auth->authorize = 'actions';
ACL per action
ROOT
+Events
--create
--edit
--delete
Administartor CED
Moderator CE
Model Event ActAs Controlled
Controller Event create
$acoNode = array('model'=>$this->Event->name, 'foreign_key' =>$this-
>Event->id);
$aroNode = array('model'=>'User','foreign_key'=>$this->Auth-
>user('id')); // User has full control of the action he created
// User has full control of the action he created
$role = $this->Auth->user('role');
if($role=='Administrator')
$this->Acl->allow($aroNode, $acoNode, '*');
else
$this->Acl->allow($aroNode, $acoNode, 'read','update');
What i must to do next for implement ACL per element witch cake auth
by action ??
|
