Filling in the gaps
With CakePHP, you can build out parts of your application quickly and
easily, using scaffolding and Bake. Using ACLs, you can exercise a
great deal of control over many aspects of your application. There's
more that needs to be done for Tor. Here are some exercises to
try.
Dealers
As you may have noticed from the products views that Bake built, there
are links in the index view that point to dealers. Like you did with
products, use the Cake Console to build a controller and views for
dealers. Don't build a model, as you already have one defined and
related to products.
Modify the dealer's add action to verify
that the dealer name is unique.
ACLs
There's a bug in the add action for the
products controller. It doesn't check to see who can create a product.
This functionality should only be available to users. Fix the bug.
Once you have dealers built, using the ACL skills you have learned,
protect all dealer functionality from anyone not belonging to the
dealers group.
Once that is complete, using ACLs, allow any user to create a dealer.
You will note that the ACOs that are created for products go into ACO
groups representing the dealers. How would you set up ACLs so that any
member of the dealership could change a product, but only the product
creator could delete the product?
Views
In the products index view, come up with a way to only display
Edit and Delete buttons for products the user can
edit or delete.
| 
