To expand on this, the relations would look like this:

- User belongs to Group and Role (you can do HABTM, but let's keep it simple)
- Both Group and Role are AROs
- ACOs can either be areas (/posts/index/) or resources (Post.232 + CRUD permission)

When a user accesses the following area - /posts/edit/232/ - the following would happen:

1) Does this user belong to a role that allows him/her to be here? If no - STOP, else proceed.
2) Does the user belong to a group that allows him to edit this resource? If no - STOP, else proceed.

Yay or nay?
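
The two-step check described in the post, sketched as an added example (not part of the original message and not CakePHP's Acl component). It is plain PHP with constructed permission tables; every constant and function name is hypothetical, and anything not listed is denied.

```php
<?php
// Constructed sample data. Every name here is hypothetical, not CakePHP's ACL API.
const ROLE_AREAS = [            // role ARO => area ACOs it may enter
    'editor' => ['/posts/index/', '/posts/edit/'],
    'reader' => ['/posts/index/'],
];
const GROUP_RESOURCES = [       // group ARO => resource ACO => CRUD permissions
    'news-team' => ['Post.232' => ['read', 'update']],
    'guests'    => ['Post.232' => ['read']],
];
const ACTION_TO_CRUD = ['index' => 'read', 'view' => 'read', 'edit' => 'update', 'delete' => 'delete'];
const CONTROLLER_TO_MODEL = ['posts' => 'Post'];

// Split "/posts/edit/232/" into the area ACO, the resource ACO and the CRUD verb.
function parseRequest(string $path): ?array
{
    $parts = explode('/', trim($path, '/'));
    $model = CONTROLLER_TO_MODEL[$parts[0]] ?? null;
    $crud  = ACTION_TO_CRUD[$parts[1] ?? ''] ?? null;
    if (count($parts) !== 3 || !ctype_digit($parts[2]) || $model === null || $crud === null) {
        return null; // unknown controller, action or id: the caller must deny
    }
    return ['area' => "/{$parts[0]}/{$parts[1]}/", 'resource' => "$model.{$parts[2]}", 'crud' => $crud];
}

function authorize(array $user, string $path): string
{
    $req = parseRequest($path);
    if ($req === null) {
        return 'deny: unrecognised request';
    }
    // 1) Role check on the area. A role with no entry gets an empty list.
    if (!in_array($req['area'], ROLE_AREAS[$user['role']] ?? [], true)) {
        return 'deny: role may not enter ' . $req['area'];
    }
    // 2) Group check on the resource plus the CRUD permission the action needs.
    $allowed = GROUP_RESOURCES[$user['group']][$req['resource']] ?? [];
    if (!in_array($req['crud'], $allowed, true)) {
        return 'deny: group may not ' . $req['crud'] . ' ' . $req['resource'];
    }
    return 'allow';
}

foreach ([['editor', 'news-team'], ['editor', 'guests'], ['reader', 'news-team']] as [$role, $group]) {
    echo "$role/$group: ", authorize(['role' => $role, 'group' => $group], '/posts/edit/232/'), "\n";
}
```

The second and third sample users fail at different steps, which shows that passing the role gate alone does not grant edit rights on the resource.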
