How to limit data to users who own it without limiting admin users in CakePHP?
Posted
by cdburgess
on Stack Overflow
See other posts from Stack Overflow
or by cdburgess
Published on 2010-06-12T21:45:35Z
Indexed on
2010/06/12
22:33 UTC
Read the original article
Hit count: 239
cakephp
|cakephp-1.3
Currently I am writing an application where I have multiple users. They have data that should only be visible to them and not the other authenticated users in the system. I also have administrators who manage the system and have access to all of the information. What is the best way to limit users to their data without limiting admin users?
Currently I am using a callback to limit the queries by user, but the admin will get the same limits. So I need to know a better way to do it. More importantly, the right way to do it.
For example, I want the standard user to be able to see their user information only and be limited to CRUD operations on their information only. The admin, however, should be able to see ALL users and CRUD ALL user data. Any ideas?
© Stack Overflow or respective owner