How to limit data to users who own it without limiting admin users in CakePHP?

Posted by cdburgess on Stack Overflow See other posts from Stack Overflow or by cdburgess
Published on 2010-06-12T21:45:35Z Indexed on 2010/06/12 22:33 UTC
Read the original article Hit count: 239

Filed under:
|

Currently I am writing an application where I have multiple users. They have data that should only be visible to them and not the other authenticated users in the system. I also have administrators who manage the system and have access to all of the information. What is the best way to limit users to their data without limiting admin users?

Currently I am using a callback to limit the queries by user, but the admin will get the same limits. So I need to know a better way to do it. More importantly, the right way to do it.

For example, I want the standard user to be able to see their user information only and be limited to CRUD operations on their information only. The admin, however, should be able to see ALL users and CRUD ALL user data. Any ideas?

© Stack Overflow or respective owner

Related posts about cakephp

Related posts about cakephp-1.3