4. Checking Permissions: The ACL Component

Checking permissions is the easiest part of using Cake's ACL: it consists of using a single method in the Acl component: check(). A good way to implement ACL in your application might be to place an action in your AppController that performs ACL checks. Once placed there, you can access the Acl component and perform permissions checks application-wide. Here's an example implementation:

class AppController extends Controller 
{
    // Get our component 
    var $components = array('Acl');

    function checkAccess($aco)
    {
        // Check access using the component:
        $access = $this->Acl->check($_SESSION['user_alias'], $aco, $action = "*");
 
        //access denied
        if ($access === false)
        {
            echo "access denied";
            exit;
        }
        //access allowed
        else
        {
            echo "access allowed";
            exit;
        }
    }
}

Basically, by making the Acl component available in the AppController, it will be visible for use in any controller in your application.

// Here's the basic format:
$this->Acl->Check($aro, $aco, $action = '*');