Faza, appreciate the help. The problem I see with your approach occurs in your earlier example here: >>in view i put this: (yes, I will make a helper to do it one day) if (in_array($session->read('Auth.User.group'), array("Administrator", "Designer")) { ...
} This assumes (hard-coded in the view) that group "Designer" will always have access to this particular view item. If you remove the right from the designer group, but the logged in user is still a member of group "Designer" then the condition will still pass. It's only checking group membership, not the rights of that group (really, the effective rights of the user is what should be checked) to that particular action in the view. What I want is a way, from the view, is to check if the logged-in user has access to a particular controller/action pair, so that I can show or hide links to any clickable link. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---