cakephp : separate database access for admin users

I have been using cakephp for creating web application. In my current project there are two database users one for admin another for site users, how can I configure cakephp so that the admin can login to the site with more database operations po开发者_高级运维wer ?

Thank you

I agree. Sometimes, it's better having permissions handled in your application layer than the database layer. However, if you really, really want to have that extra layer of security in your database as well, then you should set up multiple database connections:

var $default = array(
    'driver' => 'mysql',
    'persistent' => false,
    'host' => 'localhost',
    'login' => 'normaluser',
    'password' => '',
    'database' => 'db',
    'prefix' => '',
);

var $admin = array(
    'driver' => 'mysql',
    'persistent' => false,
    'host' => 'localhost',
    'login' => 'adminuser',
    'password' => '',
    'database' => 'db',
    'prefix' => '',
);

You can then use $this->ModelName->setDataSource('admin') if the user is in the admin section, or whatever condition that you might impose.

I would suggest that you look at the admin_ prefix routing. CakePHP lets you handle admin powers quite easily. Prefix Routing Additionally, you can add a field in your users table to indicate the role of the user, and check that against the current prefix.

the most robust solution will likely be setting up Access Control Lists(ACLs). This will allow you to delegate permissions based on a user role that you designate.

For example admin has a group_id of 1, and users have a group_id of 2. Then you can allow admins to have access to certain operations within your web app.

Here's the cake documentation on this feature. http://book.cakephp.org/view/1242/Access-Control-Lists