I have to agree with Zaky on this; ACL is a killer for small apps.
Even with my large scale project, there was a point where I wanted
(among other things, I am 100% responsible for ACL) to throw it away
and implement my own, not so cakish, but a working solution. It took a
lot of research to make
@Zaky:
I'm really pleased that you managed to get your head around ACL, but I
have to disagree with you and say it's is a lot more complex than the
other solutions offered.
The very fact that there is a need to write a Be brave and stick with
it paragraph in the cookbook proves that a lot of
Clean your mind and try again.
ACL is more powerful and not more complicate then the proposed solutions in
this thread.
Take the tutorial
http://book.cakephp.org/view/641/Simple-Acl-controlled-Application
As written in the Book
Be brave and stick with it, even if the going gets rough. Once you
I set $this-Auth-authorize = 'controller'; in app_controller and
then create an isAuthorized() function in each controller returning
true/false depending on if the user is allowed to access the action
and/or record being requested.
Obviously in your controllers/views you also need logic checks to
I wrestled with ACL for a while, and finally decided that might be too
much for what I'm doing. I only really need a few types of users and
in that case it is simple enough just to have a field in the users
table that specifies the type (or is a foreign key to the groups
table, for example).
This
I am using the AuthSome component (Auth alternative) from Debuggable,
together with this:
http://josediazgonzalez.com/2010/01/11/you-want-access-well-you-no-can-has-cakephp-access-component/
Works a treat. :)
On Apr 24, 12:31 am, paws_galuten jason.galu...@gmail.com wrote:
I wrestled with ACL
I am using ACL on a huge project. It does really help. I have all kind
of users and access types - access based on user groups, based on
actions, based on the company they belong to (user rights are defined
on the company user belongs to - user can only manage certain records
in the DB per
