I have been looking at CakePHP's ACL tutorials over the last week and it all seems massively complicated. For instance say I had a website that was a simple blog and had the following user types: Admin, Member and Guest. Why could I not have a users table and a groups table (the groups table having a simple CRUD set of columns with 0 or 1 values for each group type) and then link the users to the groups with a simple ID. And then in the controller just check if the user is logged in or if they are in which group to allow access.
I'm confused about why ACL requires all that additional code and tables, more so why does the ACL table need rebuilding when ever a new controller is created?
If someone could explain some of these questions, it'd be much appreciated. Thanks.