I'm implementing ACL in a CakePHP app that I have and I seem to be struggling with setting up ACOs. I've been following the Simple ACL Controlled Application tutorial and I've set up the aros, acos and aros_acos tables fine, and adding AROs via groups/add and users/add works great - they get added to the aros table.
Now I'm at the part where I have to set up ACOs, and I'm a bit lost if I'm honest. The tutorial uses a console plugin to register the ACOs. However, this Net Tuts adds them manually using:
    $aco = new Aco();

    // Top-level ACO for the User controller
    $aco->create();
    $aco->save(array(
        'model' => 'User',
        'foreign_key' => null,
        'parent_id' => null,
        'alias' => 'User'
    ));

    // Top-level ACO for the Post controller
    $aco->create();
    $aco->save(array(
        'model' => 'Post',
        'foreign_key' => null,
        'parent_id' => null,
        'alias' => 'Post'
    ));
Using this manual code we're creating ACOs for the User and Post controllers as a whole - I get that. What if I wanted to then set up an ACO for say the edit action for the user controller? How would that syntax look?
I think I'd rather just code it like this within an install_aco() function in a controller than use the plugin you see.
Or...couldn't I just control access to controller/actions using Auth without using the ACL at all? For example, I could add a 'role' field to the users table, and then in the beforeFilter() of controllers I could check the role, and redirect the user if they don't have the correct role/permission. What would be the downside to this?
Anyway, I'd really appreciate some help here and many thanks for reading.
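
An added illustration, not part of the original post and not CakePHP's own code: a plain-PHP model of the acos tree in which an action such as edit is a child row whose parent_id points at the User row, with a lookup that walks up the tree and denies by default. The ids, group names, grants and the functions findAco() and isAllowed() are constructed for this example; the lookup is a simplified model, not the framework's resolution logic.

```php
<?php
// Constructed rows using the post's acos columns; ids and the 'edit' child are assumptions.
$acos = array(
    1 => array('parent_id' => null, 'model' => 'User', 'foreign_key' => null, 'alias' => 'User'),
    2 => array('parent_id' => null, 'model' => 'Post', 'foreign_key' => null, 'alias' => 'Post'),
    3 => array('parent_id' => 1, 'model' => null, 'foreign_key' => null, 'alias' => 'edit'),
);
// Constructed aros_acos-style rules: group alias => ACO id => allowed (true) or denied (false).
$grants = array(
    'admins'  => array(1 => true),             // whole User branch
    'editors' => array(2 => true, 3 => true),  // Post, plus User/edit only
    'members' => array(1 => true, 3 => false), // User branch, except edit
);

// Resolve an alias path such as "User/edit" to an ACO id, or null if no such node exists.
function findAco(array $acos, $path)
{
    $parent = null;
    foreach (explode('/', $path) as $alias) {
        $next = null;
        foreach ($acos as $id => $row) {
            if ($row['parent_id'] === $parent && $row['alias'] === $alias) {
                $next = $id;
            }
        }
        if ($next === null) {
            return null;
        }
        $parent = $next;
    }
    return $parent;
}

// Walk from the most specific node to the root; the first explicit rule wins, no rule means deny.
function isAllowed(array $acos, array $grants, $group, $path)
{
    $id = findAco($acos, $path);
    while ($id !== null) {
        if (isset($grants[$group][$id])) {
            return $grants[$group][$id];
        }
        $id = $acos[$id]['parent_id'];
    }
    return false;
}

foreach (array('admins', 'editors', 'members', 'guests') as $group) {
    $ok = isAllowed($acos, $grants, $group, 'User/edit') ? 'allow' : 'deny';
    echo "$group User/edit: $ok\n";
}
```

A single role column compared in beforeFilter() has no counterpart to the parent_id chain here, so a per-action exception like the members rule has to be written into each controller's code instead of being stored as a row.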