[Cakephp] Basic and simple permissions

In CakePHP you can use the AppController to check permissions and perform other operations that should apply to all controllers. One of these is the isAuthorized function, which checks whether the current user is permitted to use a given action. A general approach is to define the permissions in an array, something like:

$applicant = array(
	'applications' => array('index', 'edit')
);

With this array, the applicant role in my application can perform the ‘index’ and ‘edit’ actions (functions) in the ‘applications’ controller. Next, inside isAuthorized, check the user's role against that array:


// Body of isAuthorized($user) in AppController; $applicant is the array defined above
if (isset($user['role'])) {
	$role = $user['role'];
	if ($role === 'admin') {
		// If admin, do everything
		return true;
	} else if ($role === 'applicant') {
		// If applicant, check the applicant array
		$controller = strtolower($this->name);
		if (array_key_exists($controller, $applicant)) {
			return in_array(strtolower($this->action), $applicant[$controller], true);
		}
	}
}
// Any other case (no role, unknown role, controller not listed): deny
return false;

$this->name returns the name of the current controller. $this->action returns the action the user is trying to access.
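
The same check generalised to several roles in one map, as an added example that is not code from the original post. It runs as plain PHP without CakePHP; the isAllowed function, the 'reviewer' role and the sample requests are assumptions made for illustration, and inside isAuthorized you would pass $this->name and $this->action as the controller and action.

```php
<?php
// Added example, not the post's code. 'applicant' mirrors the post;
// the 'reviewer' role and its entries are hypothetical.
$permissions = array(
    'applicant' => array('applications' => array('index', 'edit')),
    'reviewer'  => array('applications' => array('index', 'view')),
);

// Returns true only when the role explicitly lists the controller/action pair.
function isAllowed(array $permissions, $user, $controller, $action) {
    // Missing user, missing role, or a non-string role (e.g. an array): deny.
    if (!is_array($user) || !isset($user['role']) || !is_string($user['role'])) {
        return false;
    }
    $role = $user['role'];
    // Strict comparison: no type juggling when matching the admin role.
    if ($role === 'admin') {
        return true;
    }
    // Normalise case the same way the post does with strtolower().
    $controller = strtolower($controller);
    $action = strtolower($action);
    if (!isset($permissions[$role][$controller])) {
        return false; // unknown role or unlisted controller
    }
    return in_array($action, $permissions[$role][$controller], true);
}

// Constructed sample requests: array(user, controller name, action name).
$cases = array(
    array(array('role' => 'admin'), 'Users', 'delete'),
    array(array('role' => 'applicant'), 'Applications', 'edit'),
    array(array('role' => 'applicant'), 'Applications', 'delete'),
    array(array('role' => 'applicant'), 'Users', 'index'),
    array(array('role' => 'reviewer'), 'Applications', 'view'),
    array(array('role' => 'guest'), 'Applications', 'index'),
    array(array('role' => array('admin')), 'Applications', 'index'),
    array(array(), 'Applications', 'index'),
);
foreach ($cases as $case) {
    list($user, $controller, $action) = $case;
    $role = isset($user['role']) ? json_encode($user['role']) : '(none)';
    $verdict = isAllowed($permissions, $user, $controller, $action) ? 'allow' : 'deny';
    printf("%-12s %s::%s => %s\n", $role, $controller, $action, $verdict);
}
```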

[Cakephp] Save multiple associated data

Take a one-to-many relationship, say a question with many answers, where I am using JavaScript to add answer fields to the question form. It’s best to name the answer fields as follows in the view (replace 0 with a counter variable or similar):


<input name="data[Answer][0][answer]">

and call saveAssociated in the controller action that handles adding the question:


$this->Question->saveAssociated($this->request->data);