In the example below I have the following models:

• Patient
• Specimen
• Result
• ResultType

The associations in the model are:

• Result
  • belongsTo
    • ResultType
      • hasMany
        • Result
    • Patient
      • hasMany
        • Result
        • Specimen
    • Specimen
      • belongsTo
        • Patient
      • hasMany
        • Result

$paginate in the Result Controller

Original version

var $paginate = array(
		'fields' => array(
			'ResultType.type',
			'Specimen.draw_date',
			'Result.id',
			'Result.patient_id',
			'Result.specimen_id',
			'Result.result',
			'Result.created',
			'Result.modified'
			),
		'recursive' => 0,
		'limit' => 50);

The Same Thing Using Containable

var $paginate = array(
		'fields' => array(
			'id',
			'patient_id',
			'specimen_id',
			'result',
			'created',
			'modified'
			),
		'limit' => 50,
		'contain' => array(
			'ResultType' => array(
				'fields' => array(
					'ResultType.type',
					'ResultType.id'
					)
				),
			'Specimen' => array(
				'fields' => array(
					'Specimen.id',
					'Specimen.draw_date'
					)
				)
			)
		);

The SQL

SQL Generated from the Original $paginate var

SELECT COUNT(*) AS `count`
FROM `results` AS `Result`
LEFT JOIN `result_types` AS `ResultType`
ON (`Result`.`result_type_id` = `ResultType`.`id`)
LEFT JOIN `specimens` AS `Specimen`
ON (`Result`.`specimen_id` = `Specimen`.`id`)
LEFT JOIN `patients` AS `Patient`
ON (`Result`.`patient_id` = `Patient`.`id`)
WHERE 1 = 1

/* 1879 milliseconds */

SELECT `ResultType`.`type`, `Specimen`.`draw_date`, `Result`.`id`, `Result`.`patient_id`, `Result`.`specimen_id`, `Result`.`result`, `Result`.`created`, `Result`.`modified`
FROM `results` AS `Result`
LEFT JOIN `result_types` AS `ResultType`
ON (`Result`.`result_type_id` = `ResultType`.`id`)
LEFT JOIN `specimens` AS `Specimen`
ON (`Result`.`specimen_id` = `Specimen`.`id`)
LEFT JOIN `patients` AS `Patient`
ON (`Result`.`patient_id` = `Patient`.`id`)
WHERE 1 = 1
ORDER BY `Result`.`created` desc
LIMIT 50

/* 2106 milliseconds */

SQL Generated Using Containable Behavior

SELECT COUNT(*) AS `count`
FROM `results` AS `Result`
LEFT JOIN `result_types` AS `ResultType`
ON (`Result`.`result_type_id` = `ResultType`.`id`)
LEFT JOIN `specimens` AS `Specimen`
ON (`Result`.`specimen_id` = `Specimen`.`id`)
WHERE 1 = 1

/* 10 milliseconds */

SELECT `Result`.`id`, `Result`.`patient_id`, `Result`.`specimen_id`, `Result`.`result`, `Result`.`created`, `Result`.`modified`, `ResultType`.`type`, `ResultType`.`id`, `Specimen`.`id`, `Specimen`.`draw_date`
FROM `results` AS `Result`
LEFT JOIN `result_types` AS `ResultType`
ON (`Result`.`result_type_id` = `ResultType`.`id`)
LEFT JOIN `specimens` AS `Specimen`
ON (`Result`.`specimen_id` = `Specimen`.`id`)
WHERE 1 = 1
ORDER BY `Result`.`created` desc
LIMIT 50

/* 19 milliseconds */

The Difference

The first set of queries took nearly 4 seconds. The second: 29 milliseconds. Containable just gives you so much more control over what’s selected in your query. Using recursive => 0 still joined the patients table both times even though we didn’t need it because it was associated in the model. Using the Containable Behavior in the second example removed the patients table from the queries altogether.

This is one of the key pitfalls of using a framework like CakePHP; You can get things running quickly, but you have to go back and optimize. Otherwise you can build a heavy load on the server.

Resources

• CakePHP
• The Containable Behavior
• The Recursive Model Attribute

Similar Posts:

• CakePHP: Containable Behavior is Your Friend
• Use Functions from Other Controllers While Maintaining MVC Architecture in CakePHP
• Getting Blueprint CSS & JavaScript Libraries Into Your CakePHP Layout
• Roll Your Own CakePHP Components
• Simple Security in CakePHP

The Security component will create a hash based on the form fields produced by our Form Helper. If someone tampers with the form fields (by adding or removing or changing any field), the hash is not going to match with the expected one and the add() action will fail.

Yep, it’s that simple.

Really? It just can’t be that easy, can it? Yes. It can. I simply added the Security Component to my controller like so:

var $components = array('Security');

Sure enough, when I reloaded a page with a form in my browser, this hidden field was there:

<input id="TokenFields1483167134" name="data[_Token][fields]" type="hidden" value="f513aebc448fabe42c7feedf31d43fa5bd71ec79%3An%3A0%3A%7B%7D" />

I installed a Firefox Add-on that allowed me to tamper with the POST data, and when I submitted the form, it failed, or in CakePHP terms, it was “Blackholed.” Awesome.

This isn’t going to protect me from all attacks, but it certainly is a good, easy start to implementing security in my application.Similar Posts:

• Simple Security in CakePHP
• Roll Your Own CakePHP Components
• And We’re Back!
• CakePHP: Containable Behavior is Your Friend
• Wow. ACL is Hard

Usage: cake acl <command> <arg1> <arg2>...
———————————————–
Commands:

create aro|aco <parent> <node>
Creates a new ACL object <node> under the parent specified by <parent>, an id/alias.
The <parent> and <node> references can be in one of the following formats:

• – <model>.<id> – The node will be bound to a specific record of the given model
• - <alias> – The node will be given a string alias (or path, in the case of <parent>),

i.e. ‘John’.  When used with <parent>, this takes the form of an alias path,
i.e. <group>/<subgroup>/<parent>.
To add a node at the root level, enter ‘root’ or ‘/’ as the <parent> parameter.

delete aro|aco <node>
Deletes the ACL object with the given <node> reference (see ‘create’ for info on node references).

setParent aro|aco <node> <parent>
Moves the ACL object specified by <node> beneath the parent ACL object specified by <parent>.
To identify the node and parent, use the row id.

getPath aro|aco <node>
Returns the path to the ACL object specified by <node>. This command is useful in determining the inhertiance of permissions for a certain object in the tree.
For more detailed parameter usage info, see help for the ‘create’ command.

check <aro_id> <aco_id> [<aco_action>] or all
Use this command to check ACL permissions.
For more detailed parameter usage info, see help for the ‘create’ command.

grant <aro_id> <aco_id> [<aco_action>] or all
Use this command to grant ACL permissions. Once executed, the ARO specified (and its children, if any) will have ALLOW access to the specified ACO action (and the ACO’s children, if any). For more detailed parameter usage info, see help for the ‘create’ command.

deny <aro_id> <aco_id> [<aco_action>]or all
Use this command to deny ACL permissions. Once executed, the ARO specified (and its children, if any) will have DENY access to the specified ACO action (and the ACO’s children, if any). For more detailed parameter usage info, see help for the ‘create’ command.

inherit <aro_id> <aco_id> [<aco_action>]or all
Use this command to force a child ARO object to inherit its permissions settings from its parent. For more detailed parameter usage info, see help for the ‘create’ command.

view aro|aco [<node>]
The view command will return the ARO or ACO tree. The optional id/alias parameter allows you to return only a portion of the requested tree. For more detailed parameter usage info, see help for the ‘create’ command.

initdb
Uses this command : cake schema run create DbAcl

help [<command>]
Displays this help message, or a message on a specific command.

The ‘create’ help file

Usage: cake acl <command> <arg1> <arg2>…
———————————————–

• Commands:
  • create aro|aco <parent> <node>
    • Creates a new ACL object <node> under the parent specified by <parent>, an id/alias. The <parent> and <node> references can be in one of the following formats:
      • - <model>.<id> – The node will be bound to a specific record of the given model
      • - <alias> – The node will be given a string alias (or path, in the case of <parent>), i.e. ‘John’.  When used with <parent>, this takes the form of an alias path, i.e. <group>/<subgroup>/<parent>. To add a node at the root level, enter ‘root’ or ‘/’ as the <parent> parameter.

Similar Posts:

• CakePHP Console ACL Help File
• Wow. ACL is Hard
• Google’s AppEngine
• Getting Blueprint CSS & JavaScript Libraries Into Your CakePHP Layout
• Wordpress’ Auto Update Is OK, But The Command Line Is Faster

requestionAction may not be the best solution. Read this.

At my day job, I’m working on an application to keep track of specimens for our lab. A specimen is sent to the lab, then divided into aliquots which are put into boxes and stored in freezers. The previous sentence ought to give you some idea of the architecture of the database, which in turn drives the Model for my application.

To take a step back for a second, I’m developing the application using the CakePHP framework which uses MVC architecture.

As you may have guessed I have specimen, aliquot, boxes and freezers tables. In turn then, I have Specimen, Aliquot, Box and Freezer Models.

The trick here is that I want to alert users when there are aliquots in the system that have not yet been assigned to boxes. It’s a simple query:

SELECT COUNT(aliquot.id)
FROM aliquots
WHERE aliquots.box_id IS NULL

The problem is that I want the number of unstored aliquots to be displayed on every page in the left column as a persistent reminder that there are are aliquots that need to be put away. I want to do that in a way that maintains the MVC architecture and doesn’t violate the DRY philosophy.

Since the query is run on the aliquots table and each view is generally specific to it’s own model, I either have to run a recursive query to access data across models–which adds overhead–or implement the solution below which lightens the load a bit and is a more elegant bit of code. (Tip of the hat to Jon Bennet for offering the solution.)

The solution involves CakePHP’s requestAction().

I can define the method in my aliquots controller and call it from anywhere. So if aliquots_controller.php has a method that retrieves the data from the model (in this case called ‘unstored’) I can simply put the following code into my layout:

$unstored = $this->requestAction('aliquots/unstored');
if(!empty($unstored)) {
echo $html-&gt;link('<strong>' . $unstored['unstored'] . ' aliquots have not been stored.</strong>', '/aliquots/store');
}

I only have to define the method once to use it throughout my application. Problem solved.Similar Posts:

• Use Functions from Other Controllers While Maintaining MVC Architecture in CakePHP
• CakePHP: Containable Behavior is Your Friend
• Roll Your Own CakePHP Components
• Simple Security in CakePHP
• And We’re Back!

The other day I wrote about getting the Blueprint CSS framework into your Wordpress theme. If you’re developing in CakePHP, it’s even easier to link multiple style sheets and JavaScript libraries to your layout file.

<?php

$css = array('blueprint/screen', 'blueprint/ie', 'style');
$jslibraries = array('prototype', 'scriptaculous', 'jquery');
echo $html->css('blueprint/print', 'stylesheet', 'media="print"');
echo $html->css($css, 'stylesheet', 'media=”screen, projection”');
echo $javascript->link($jslibraries);
?>

Let’s take these one at a time.

$css = array('blueprint/screen', 'blueprint/ie', 'style');

CakePHP’s html helper will load any css file you specify. First, make sure the css files are in app/webroot/css. Then put any css files you want to link to your layout in an array like I have above. You might have noticed that I didn’t include print in my array. That’s because we want to add an media=”print” as a separate attribute that the other style sheets won’t have.

Once they’re loaded into your array, simply put echo $html->css($css); in the head of your layout. The output will be:
<link rel="stylesheet" type="text/css" href="/app/webroot/css/blueprint/screen.css" />
<link rel="stylesheet" type="text/css" href="/app/webroot/css/blueprint/ie.css" />
<link rel="stylesheet" type="text/css" href="/app/webroot/css/style.css" />

We still haven’t linked our print style sheet. Make sure you link the print style sheet above the others so they override it. We can add media="print" by putting this into our layout head:

echo $html->css('blueprint/print', 'stylesheet', 'media="print"');

So now:

$css = array('blueprint/screen', 'blueprint/ie', 'style');
echo $html->css('blueprint/print', 'stylesheet', 'media="print"');
echo $html->css($css, 'stylesheet', 'media=”screen, projection”');

Results in:

<link rel="stylesheet" type="text/css" href="/cvp-msi/https/app/webroot/css/blueprint/print.css" media="print" />
<link rel="stylesheet" type="text/css" href="/cvp-msi/https/app/webroot/css/blueprint/screen.css" media="screen, projection" />
<link rel="stylesheet" type="text/css" href="/cvp-msi/https/app/webroot/css/blueprint/ie.css" media="screen, projection" />
<link rel="stylesheet" type="text/css" href="/cvp-msi/https/app/webroot/css/style.css" media="screen, projection" />

Two things to note. In $html->css($path, $attributes), the first argument is the path from app/webroot/css. The second argument is html attributes.

Linking JavaScript libraries is very similar.

$jslibraries = array('prototype', 'scriptaculous', 'jquery');

This will link to prototype.js, scriptaculous.js and jquery.js respectively as long as there in app/webroot/js.

Put echo $javascript->link($jslibraries); into the head of your layout and you’re done. You have all three JavaScript libraries at your disposal.

Other good resources:

• CakePHP Core Helpers
• Developing With CakePHP
• CakePHP API JavaScript link Helper
• CakePHP API CSS link Helper

Similar Posts:

• Getting Blueprint CSS & JavaScript Libraries Into Your CakePHP Layout
• Incorporating Blueprint CSS Into Your New Wordpress Theme
• Introducing the Baseline Development Wordpress Theme
• Blueprint CSS Readme File
• Baseline Theme Version 1.0.1

If you are still paying attention, I was complaining about ACL. After several attempts, I gave up using the built-in ACL component in CakePHP and just decided to keep things simple, use the Auth component with role-based access control. Problem solved.

The development of the application has progressed smoothly since getting over that hurdle.

In the meantime, I’ve been setting up my own virtual server for hosting websites for my freelance clients. That has been a learning experience in itself. I’ll post more about that as I formally launch that service.

I’m also way behind on podcasts for the Minneapoliscast podcast. I hope to resume that at a modest pace this fall.

More later as all of my respective projects get updates including SVN info on my CakePHP app.Similar Posts:

• And We’re Back!
• Simple Security in CakePHP
• MinneWebCon 2009
• Roll Your Own CakePHP Components
• Wow. ACL is Hard

Disclosure: I’m not formally trained as a programmer/developer. Everything I’ve learned, I’ve taught myself. So there are definitely some silos in my knowledge as I’ve learned things on the basis of necessity. I have, however, been developing in PHP for over six years. So it’s not all that bad.

So the learning curve for implementing ACL has been relatively steep for me. First, I had to get my head around the concept. The big picture is easy. What we’re after is a tree of access with ‘admin’ at the root and everything else branching off from that with diminishing access. That’s not hard to conceptualize. What is hard is putting that into practice.

I messed around with this for a long time before stumbling upon this tutorial about the Modified Preorder Tree Traversal Algorithm. Stop now. Read it. Come back.

Now you should understand the concepts that drive CakePHP’s ACL. Unfortunately here is also where we depart from using CakePHP’s tools. At least until a decent plug-in comes along that allows you to manage Access Request Objects (ARO) and Access Control Objects (ACO) via a good, web-based interface.

After many attempts with various solutions that are currently avaliable, I finally settled on Authake.

Pros:

• Works in CakePHP 1.2
• User, ARO & ACO adminstration is a snap
• Access control works immediately without modifying anything you’ve built in your app.

Cons:

• Installation requires you replace the entire CakePHP engine with Authake’s modified version. This will make upgrading CakePHP a lot harder.
• The developer has abandoned it in favor of developing in RoR. No hope for future versions unless the community continues development. Personally, I’d prefer a plug-in like Jeff Loiselle’s ACL Management Plugin that I could just drop right into app/plugins without replacing the entire installation. (The issue I have with Jeff’s are all listed on his “Known Bugs” list. Namely, “does not show inherited permissions, does not show full path in finder & does not have crud fields”. Unfortunately, those are three very major elements of managing ACL.)

If you are reading this in the not so distant future and someone had developed a plugin that has an admin area like Authake’s but drops into app/plugins like Jeff’s plugin, please, please let me know.Similar Posts:

• Wow. ACL is Hard
• CakePHP Console ACL Help File
• CakePHP: Containable Behavior is Your Friend
• And We’re Back!
• Wordpress’ Auto Update Is OK, But The Command Line Is Faster