Solution is not very simple like 5 min minimal setup, and is not
really complex as ACL is!
5 min is very weak because it is hard-coded (bad coding)
ACL is an overkill as you know, especially if it is not for a record-
level-based permission system
Check out the new CakePHP Questions site http://cak
In my setup I have 3 routes set up Admin, Manager, Member. The controllers
each have admin_ manager_ and member_ function / action since each role
plays a different part in the site.
So a member for example can only access member_ functions / actions and I
have in app_controller beforeFilter():
Hey,
you could do a quick check whether a record belongs to a user or not
and then redirect him/her or sth like that.
For example, if a user tries to edit it's own record, and the url
would be users/edit/5 (which means you call the action 'edit' in your
user's controller, and the record-id is 5)
