0

我的产品表:

select * from products;
+------+----------------+
| id   | name           |
+------+----------------+
|    1 | product XYZ    |
|    2 | product XPTO   |
|    3 | procudt ABC    |
|    4 | procudt QWERTY |
|    5 | procudt 1234   |
+------+----------------+

我可以允许/拒绝某些用户组访问模型“产品”,例如:

$group->id = 3;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Products');

$group->id = 4;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Products/view');

但是如何允许/拒绝某些组访问某些特定产品,例如:

$group->id = 5;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'product XYZ');

$group->id = 6;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'product XPTO');
$this->Acl->allow($group, 'product 1234');

?

4

1 回答 1

1

You want row level access control. There are several ways of going about that in CakePHP (some using Cake's ACL functionality, some not) so you should look around and see what is best for your situation.

One thing to keep in mind, though, is that the out of the box ACL functionality in Cake was designed for implementing access control against controller actions, and not specific database rows. Depending on the amount of data you need to check things could get out of hand fairly quickly. You might want to reconsider your design to see if you truly need to check access at the record level.

于 2012-12-23T04:11:13.943 回答