I have never implemented ACL in a CakePHP app. Not sure why; partly because I never really took the time to get it, partly because the control freak in me comes out (I can see the permissions code I write but [because of my lack of understanding] the ACL and its tables are dark) and partly because what I already do works. So I've taken the time to go through the 2.0 tutorial to try and make that leap. I get how it works but I have a couple of (possibly dumb) conceptual questions because, right now, I am still not convinced.
(1) A user is in a Group. ACL can define permissions for that Group and even to that user. How is this different to using prefix routing where you can test for the presence of the prefix and membership of the group?

(2) What if permissions are role based and a user can be in more than one group? For example, a user can be a teacher, and a board member (not all board members are teachers and not all teachers are board members) and maybe even a student too. Their interaction with the app 'at that time' defines the role you should be checking for. I can see how I'd program that; can I do many-to-many users-groups in ACL? How would that work? If the answer is to apply individual permissions to users, that's a lot of admin on a large system.

(3) By checking permissions against a database, is there not a (however small) performance hit with the extra db query that is not needed when permissions are defined in code?

Don't leap all over me for asking stoopid questions because I bet I have asked what others are thinking! Sell me ACL!
