2
votes

I have been looking at CakePHP's ACL tutorials over the last week and it all seems massively complicated. For instance say I had a website that was a simple blog and had the following user types: Admin, Member and Guest. Why could I not have a users table and a groups table (the groups table having a simple CRUD set of columns with 0 or 1 values for each group type) and then link the users to the groups with a simple ID. And then in the controller just check if the user is logged in or if they are in which group to allow access.

I'm confused about why ACL requires all that additional code and tables, more so why does the ACL table need rebuilding when ever a new controller is created?

If someone could explain some of these questions, it'd be much appreciated. Thanks.

2
You can use the Auth component without using ACL - see this video: tv.cakephp.org/video/andrewperk/2011/01/27/…Tomba
Here is another video: youtube.com/watch?v=M40PgwLqS2MOldWest

2 Answers

0
votes

It sounds like what you may want to check out a plugin called Permissionable since it has the concepts of groups. It has a bit of a learning curve to grasp the concepts behind it but if you're familiar with UNIX permissions, that will help.

Here is a good explanation on it.