CakePHP ACL - Multiple Group Models

1
votes

I'm implementing the ACL component with my CakePHP app. I have everything set up correctly regarding users and groups, however the app will have multiple access areas where permissions are set based not only for users but for other AROs as well. For instance, a ticket (ARO) wants access to a support team (ACO) based on which ticket group it belongs to.

I'd like to have two separate user/group models acting as ACL requesters that are binded to each other e.x

- Users
  - User
  - Group

- Tickets 
  - Ticket
  - Ticketgroup

What I am unsure of is if it's possible to use the ACL component on this scale, having two separate user/group models binded to one another in the same ACL?

1
phpcakephppermissionsacl

1 Answers

0
votes

Not sure if I understand the problem perfectly, but it should work if you have two separate trees with two separate root nodes in your ARO table:

AllGroups
  - Group1
    - User1
    - User2
AllTickets
  -TicketGroup1
    - Ticket1
    - Ticket2

Use the AclBehavior::parentNode() methods to tie up the Group model to the User model as well as the TicketGroup model to the Ticket model.

Then you can use AclComponent's methods (allow(), check(), etc.) between an ACO of the type :controller/:action against an ARO of type Group/User as well as say another ARO of type TicketGroup/Ticket. This will help separate the ARO resolution and avoid any conflicts between the two types of groups.