Check acl permissions in cakephp 4.4

How is it correct to check an acl permission? For example is contradictory to check a permission for add aco and action read, right? I only should check permission for add aco and create action, edit aco and update action and delete aco and delete action, and for index and view acos I should check all actions, right?

you have to create polices or you can use Authentication plugin GitHub - CakeDC/users: Users Plugin for CakePHP.

this is called a RBAC system, so its just role based permission, if user have valid role then he/she can access that controller method.
Before using RBAC system, you must read complete docs first

You should pay attention to what you read, I am asking about acl not cakedc users.
I read a bit about acl, but all the documentation is about cakephp 1.x or 2.x and is very different in cakephp 4.x

yes I read it all sir, I know what do you want. Read docs this plugin or cakephp docs then you will get points.

There is no official documentation about acl in cakephp 4.x, can you tell me please where I can find a kind of help for acl in cakephp 4.x? I could implement it but I have some doubts

See CakeDC | Integrating Users and ACL plugins in CakePHP | The minds behind CakePHP on how to integrate ACL with CakePHP (even if its CakePHP 3 and not 4)

In this specific scenario they use cakedc/users as the base auth system BUT do keep in mind:
the ACL plugin is just a model behavior which checks if a given requester (ARO) has access to a given object (ACO) via a action.

so it doesn’t really matter if you use the new auth plugins or something older.

Hello @KevinPfeifer I read this article and go through this but it does not work with cakephp 4.4.15 latest version. can you explain here how can I implement role and permission in database table where admin can set permission for Users and others

I have not planned to do a ACL youtube tutorial yet and as you can see in the linked tutorial from CakeDC it isn’t just a few steps to set this up correctly.

So I can’t really help you here.

So how does I solve this is problem @KevinPfeifer? if you really make youtube tutorial about ACL then please do it man and tell me your channel I definitely support you there and I follow the same steps as CakephpDC explain but I can’t some points. 1:- I am using Authentication plugin not Auth, cakephp remove this component in future so I am choosing Authentication plugin with Authorization. CakephpDC do it with $this->Auth component and i did this same way with Authentication plugin but i did’t get valid response I mean user easily access prohibited Area so it means that ACL not working or My be I do something Wrong.

please @KevinPfeifer if you can please help me out buddy I have very close to dead line of project

@KevinPfeifer why you can not help him bro? help him

Hy! @lish If you trust me please transfer your Application on Laravel or Codeigniter. My personal Experience about Cakephp is that Cakephp community does not help you. No plugin are working condition, not well documentation are there, not explain good examples are there, even official team members are refused to help you so better way is that choose right framework. Laravel provide easily this system which you want @lish and Cakephp Far away from Laravel and Laravel Echo System.

@daryl you understand that this is a purely volunteer driven site, right? People are not paid to help others here. We donate our time to help people with problems that we know how to help them with. Your personal experience has been that you argued with the people who were trying to give you help, so no wonder that you didn’t in the end get some useful help. MANY others have come here for assistance and received it. I personally have apparently posted around 2000 comments here to help people out, plus StackOverflow and Slack, and I’m just one of many that can say the same. If you don’t like Cake, that’s fine, not everything is for everyone, but bad-mouthing volunteers and trying to trash their hard work is not productive for anyone.


Hello @KevinPfeifer bro I have same question and request if you really explain it through YouTube tutorial please make tutorial as soon as please. I am developing e commerce web application where saler can set role for staff and permission for product view and add or delete like functions so please bro if you really help us :face_holding_back_tears:. I am totally stuck at this point.

As you can probably understand I also have limited time (especially in the last few months where I am in the midst of a big project) so thats why I haven’t published a youtube video recently.

But you already use cakedc/users so you should at least have easy access to its RBAC so you should be able to assign roles to users and restrict actions for those specific roles (via the config/permissions.php).

Also - as Zuluru already said - we are all volunteeres here and not in any way or form responsible or obliged to follow up on any requests. We just help when we can and are happy if we can help.

But its not always possible to find a solution to every question/request.

Yeah I understand bro deficiency of time but whenever you have time then try to explain, and cakephpdc article old code based even I try cakephpDc Auth plugin for permission but that permissions are static not dynamic as if admin want to create new role

You can clearly seen all roles are Static and action based permission are also limited, so please we need your help @KevinPfeifer if you can please

You never mentioned you want to have dynamic roles and permissions so thats why I always recommended that plugin.

But this plugin does not provide that dynamic RBAC / Permission system you require.
I am also not aware of any plugin which does so in the end you have to implement that yourself.

If you build that based upon CakeDC/Users functionality or the base Authentication/Authorization plugins is up2you.

Yeah I will create this functionality by own myself. I think this is very basic thing for now a days @KevinPfeifer, every e-commerce plateform required this system… Amazon seller account have the same panel where admin assign role and permission not even require only for e-commerce application but other app’s too so cakephp must be include this functioning into cakephp default core system/functionality. No need dependency no need any package if cakephp provide this out of the box. although I will manage it and find solution for this confusion

Well if you are successful in completing this functionality, you could definitely try to create your own cakephp plugin and publish it so others don’t have to go through the same again :grin:

The idea behind CakePHP’s plugins like authentication, authorization, queue etc. is to provide opt in functionality for whoever needs it. But the core itself should not contain such complicated dynamic permission system since not everyone using CakePHP needs that.

Also CakePHP is not a fully fledged CMS like Drupal, its a MVC framework to help you develop exactly what you need.


Ah!!! I am still struggling to find solution for this task @KevinPfeifer. I have try everything install ACL through composer and follow the steps and read this article but it has not helped me :laughing:
Then I try with Authorization and Policies but result are same. Just right now i just create Request policy and now i try to check user permission in this policy during the requesting time if it will work then really good for me and i will definitely share my code with all respected Developers, specially with @daryl :joy:

Hello @KevinPfeifer So I done it without any plugin like Acl… but using Authentication and Authorization these plugin are compulsory for validate user’s so I used them… but User Permission done without any third party plugin. Now this permission working on Action Level so i am trying to Implement on Controller Level and Action Level…

Screenshot from 2023-07-28 22-07-58