Setting Auth & ACL in CakePHP

In last few days I learned CakePHP and now I am finding it very interesting. I learned the basics about creation of models and their relationships. Now its time to move ahead. I am exploring more features and I started with inbuilt Auth component of CakePHP which I found very interesting. Let me tell you one thing that if you are following the conventions you can save a lot of time.

To set up Auth and ACL for my application I followed Mark Story’s post which is very helpful. I followed the tutorial and I was easily able to setup Auth & ACL for my application.

But in my application every user belongs to some group and it must inherit permission from that group only. There should not be any user wise permission. This case is not handled in the above tutorial. So, whenever I add new user a new ARO record is being created in aros table, which is not required. I dont want any ARO record for my users as they are inheriting permission from their group. To achieve this functionality I modified $actAs variable as follows:

Look at the declaration carefully as I am passing two parameters type and enabled. Second parameter enabled tells the behaviour class not to look for ARO record for User model if there is already a ARO record of parent Group model. Now we have to define a function bindNode to tell that this user is bind to which ARO node. This function must return a reference to group model. So our bindNode function would look like:

Leave a Reply

Your email address will not be published. Required fields are marked *