Sandbox

Thanks to the Hello World MVC tutorial and the demo component by uweD I have managed to start programing my simple eventlist. I've come so far that it displays the data from the database and I have a working solution to add data to the database. Now that I've come this far I would like to add some permissons to this. First of all I would like to demand that the user must be logged in to be able to add an event. The easiest way I can think of is to just add a check that the user is logged in to the view, but since I'm still very new to the MVC concept I'm not sure this is the way to go. What is the best way(tm) to add this kind of ACL to a component, is it by adding it to the view or is it the model or controller?

(By the way I'm really digging this newbie corner. )

Hi there,...
lately - should be sleeping right now, so - first of all i cant really give you an answer on your question where the best place for a check will be but - i would like to post this link here:

http://forum.joomla.org/index.php?topic ... .msg756200

there are some good infos arround on what its all about when talking about acl in J!1.5 and if or how to use it.
In short, and if i got it right - theres no way of doing this by using the database to get or store this info there for now.

Im saying this because your posting looks like your interested in new ways of getting things done with and in J!1.5, which - depending on how complex your component gets, surely could be the way you mentioned. (ACL)

I followed another discussion in a different forum on how to check to see if a user is registered or better "logged in" and some tell that simply to check $my->id would do the job pretty fine.

- i would check this before "calling" the views so if this then is the controlling part, ill take it.
if not registered / logged in -> special view for people not logged in
else -> normal behaviour / normal view / forms aso

Hope that this helps a little - Sven

Yeah, it helped.

Since I'm not implementing any advanced ACL, just a check to see if people is logged in, I choose to put it in the controller as you suggested. Seems to work mighty fine.

Many thanks.

After trying out this for a little while I've concluded that a combination is the best.

One check to see if the link should be displayed or not in the view and then one check in the controll to see if the customer has permission to view the page.