Hi,

I am still learning how to best develop Joomla components and have found the Cook component generator to be a great way to create components. I have a question about how to best implement a data level access security within a component I'm developing and was hoping someone might give me some guidance.

My situation is as follows:

I am developing a Ride Leader Scheduling System for a bicycle club. There are a number of different regular "rides" that are managed by "coordinators". So I have a Ride table with all the attributes of the particular ride (such as pace, ride start point, etc.) as well as the coordinator name.

There are authorized Ride Leaders for the various rides but these are managed by the Ride Coordinators. So Ride "A" might have a list of 10 Ride Leaders and ride "B" might have another list of 10 Ride Leaders. There can be overlap so it is a many-to-many relationship. Multiple authorized Ride Leaders per ride and any given Ride Leader might be authorized for multiple Rides.

The Leaders and Coordinators are all Joomla users.

I have defined a "leaders" table with the Leader name and the Ride that leader is authorized for. If a leader is authorized for multiple rides then there would just be mulitple rows in the table - so neither the leader nor the ride is a unique value in this table.

My question is this - is there a way using the Cook and Joomla configuration to set it up so coordinators can only add, delete, edit leaders for the rides that they are the coordinator for? So for example, the coordinator for Ride A couldn't add or delete a leader in the leader table for Ride B.

I'm confident I can custom code the logic to do this, but it would be preferable to do it without customization if that is possible.

Thanks in advance and I hope this makes sense.

Rick