Restricting data in controller's index method by user id

Hi. From the great tutorial I could pick up the right way to restrict user access to certain data in the Controller’s isAuthorized method. However, I wonder what is the right way of restricting the data in Controller’s index() method?

That is, if I have a User mapped to Customer, where and how I should restrict the data shown in the (index) view to contain only those Customers which belong to the User? Of course, I could walkthrough the CustomersTable object in the CustomersController index method and strip the “extra” customers, but somehow I feel that this should be done in the CustomersTable, but how? Probably there is an easy way which I just can’t think of.

Any help would be highly appreaciated.


In your action can you not do something like:

$userId = $this->Auth->user(‘id’);
$customers = $this->Users->find()->where([‘id’ => $id])->first()->customers;

$this->set(‘customers’, $customers);

Thanks for reply. I read the docs a bit more and ended myself using the following in index():
$customers = $this->Customers->find('all')->where(['Customers.user_id' => $userId]);