I usually have the "Guest" or "Public" group at the root of the tree as they usually have the bare minimum access rights. All subsequent groups just extend the base permission set.
And how you describe identifying a guest user is pretty much what I do - if they are not logged in I set them as a public user in the session. Geoff -- http://lemoncake.wordpress.com On Sep 28, 12:00 am, cakeFreak <[EMAIL PROTECTED]> wrote: > Hey guys I was just wondering what is the best way to handle "Guests" > woth ACL. > > Let's say I have my Groups as follows: > > - Admin > ----- Editors > ----- Users > > - Guests > > I was thinking to do something like this in a beforeFilter function in > my AppController > > ------------------------------------------------------------------------------------------------------------------------- > 1) Check if current user is logged in > 2) Check session and see if we have a key with his usergroup > 3) if the user is not logged in, and there isn't a usergroup key in > the session, write to the session that it belongs to group "Guests" > ------------------------------------------------------------------------------------------------------------------------- > > Is this the right way to proceed? > Would you put the *Guest* group as authonomous, or as descendant of > the *User* group? > > Cheers Dan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
