I think I've got a solution for this: Users are not AROs. I've introduced an intermediate class called an accountuser that represents a particular user's existence within a given account, and that seems a good candidate for an ARO, as they can different have access to different ACOs in different accounts, while sharing authentication data across all of them.
Potentially, some specific users could still be AROs, such as superusers that have access to everything in all accounts. Does this sound like a good idea? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
