Reputation: 725
ACLs in CakePHP
Is the best way to use ACLs in CakePHP to add every user (as they register) as an ARO? Is there another way of doing it? That seems like if you got a big enough user-base it might slow it down a bit...
Upvotes: 1
Views: 424
Answers (3)
Reputation: 58
I don´t know if it is the best way to implement a "ROLES based security system" to control access to some resources, but I would recommend you to create a new column in USERS table to store a first level ARO alias, then you could use it in your action to check if the current user can access the resource.
Upvotes: 0
Reputation: 2185
ShaneK,
the ARO are constructed only once (for each user). Sure the ACL implementation with AROs and ACOs looks strange on first sight, but it has definitely its strong points when it comes to access rights that ressemble sparse matrices.
Upvotes: 1
Reputation: 50009
Using ACL will slow down your system a bit. And as far as I know, adding them all as AROs is the best way to go about it.
If you're system doesn't need fine grained control of each and every method, you might consider just using Auth and authorizing your users on a method level by using isAuthorized(). This is much faster than using ACL but without the fine grained control that ACL offers.
Upvotes: 1