I set $this->Auth->authorize = 'controller'; in app_controller and then create an isAuthorized() function in each controller returning true/false depending on if the user is allowed to access the action and/or record being requested.
Obviously in your controllers/views you also need logic checks to only show add/edit/delete links if the user has access to those actions for the record being viewed. HTH Paul Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
