Hi what is the best way to display or hide menus based on whether the user is an admin or if they are some general user?
I think: don’t generate them at php side, using isAuthorized() or checking roles or admin flag.
What I normally do is checking the role of the user at my template file and generate the menu links only if they are needed.
Perhaps hiding the menu will not protecting users with lower priviliges to access these actions. So you should always check permissions, and as @jarekgol mentioned the easiest way is isAuthorized()
, or use a users plugin like CakeDC/users
https://github.com/CakeDC/users
Do you do this by using the Session? I am assuming I can’t use the Auth component in a template, so how do I access the user object in a template?
you can set user data same way as anyother data in controller
$this->set('loggedIn', $this->Auth->user());
loggedIn
can be null or array
Auth is available throght the session in tempytes
if ($this->request->getSession()->read('Auth.User.role') == 'admin')
Not sure if applicable, but I sometimes have a Div and use
display:none when not needed, and display:block when needed.