CakePHP 2.10: Checking ACLs from outside controllers

Question

Is there a way to check ACLs in CakePHP (2.10) outside of controllers? I know that you can check ACLs from inside controllers by including AclComponent and then doing something like this:

$canEdit = $this->Acl->check('User.1', 'Post.1', 'update');

Is there a way to do this somewhere else, for example from inside a shell class or from inside a model?

Thanks in advance!

Answer 1

Well, you could do what the ACL shell does, that is make use of the component. Personally I'm not a fan of that, given that components were ment to be services for the controller layer, but oh well, it's what CakePHP 2.x does internally, and the ACL adapters are tangled to components too, and therefore to the controller layer, see AclInterface::initialize() which expects a Component instance.

App::uses('Controller', 'Controller');
App::uses('ComponentCollection', 'Controller');
App::uses('AclComponent', 'Controller/Component');

$controller = new Controller();
$collection = new ComponentCollection();
$Acl = new AclComponent($collection);
$Acl->startup($controller);

$canEdit = $Acl->check('User.1', 'Post.1', 'update');

If you were to use database backed ACL only, ie you wouldn't need the abstraction provided by the component, then you could also simply access the Permission model, which is being used internally by the database ACL adapter, and provides the methods for checking permissions:

App::uses('ClassRegistry', 'Utility');

$Permission = ClassRegistry::init(array(
    'class' => 'Permission',
    'alias' => 'Permission'
));

$canEdit = $Permission->check('User.1', 'Post.1', 'update');

See also

• Source > AclShell::startup()
• Source > Permission::check()
• API > Permission::check()