cake-php@googlegroups.com
[Top] [All Lists]

Re: using ACL in model

Subject: Re: using ACL in model
From: cricket
Date: Mon, 8 Mar 2010 15:40:31 -0800 PST
I think that would best be left to the controller. Think of what the C
in ACL stands for.

To avoid repeating code, create a protected method _changeStatus() and
check there if the User is allowed.

On Mar 8, 3:39 pm, sawa <sava.ra...@xxxxxxxxx> wrote:
> Hi,
> I was wondering if it's possible to use ACL in model instead of the
> controller.
> Let's say I have fat models and I have model method change_status.
> Now, in my controllers I may invoke $mymodel->change_status on couple
> of places and I don't want to check if user is authorized to do
> change_status everywhere. Instead of that I want to check if user is
> authorized in the model, so when I invoke that method in my
> controllers I don't have to worry about forgetting to check user
> privileges for that operation.
>
> Any ideas?

Check out the new CakePHP Questions site http://cakeqs.org and help others with 
their CakePHP related questions.

You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to cake-php@xxxxxxxxxxxxxxxx
To unsubscribe from this group, send email to
cake-php+unsubscribe@xxxxxxxxxxxxxxxx For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en

<Prev in Thread] Current Thread [Next in Thread>