I wrestled with ACL for a while, and finally decided that might be too much for what I'm doing. I only really need a few types of users and in that case it is simple enough just to have a field in the users table that specifies the type (or is a foreign key to the groups table, for example).
This way, I can just use $this->Auth->user() to find out what type of user is logged in, and then have different things happen in the view. Here's a question... Now that I've simplified things and am not using ACL, I still need to restrict access to the special actions. Do I need to manually check the user in each action and redirect if they are not supposed to acces it? It seems like there are two things. 1, changing the view and making certain actions visible to special user types, and 2, actually restricting other users form those actions in case they manually type them into the url. I'm just trying to do the simplest thing while sticking with cake conventions. Thanks for your thoughts, Jason Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
