Skip to content
Plugin to manage Acl for CakePHP 2.x
Branch: stable
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

AclManager for CakePHP 2.x

This plugins allows you to easily manage your permissions in CakePHP 2.x through the Acl module.


  • Managing permissions for each node
  • Updating Database with missing AROs (Users, Roles, ...)
  • Updating Database with missing ACOs (Controller actions)
  • Revoking all permissions


  • CakePHP 2.x

How to install

1. Set up your Acl environment

  • Install SQL tables through Cake Console
  • parentNode() method on your requester models

See: CakePHP: Simple ACL Controlled Application

2. Configure Auth in your AppController

It should look something like this:

var $components = array('Auth', 'Acl', 'Session');

function beforeFilter() {
    //Configure AuthComponent
    $this->Auth->authorize = array(
        'Actions' => array('actionPath' => 'controllers')
    $this->Auth->authenticate = array(
        'Form' => array(
            'fields' => array(
                'username' => 'login',
                'password' => 'password'
    $this->Auth->loginAction = array(
        'controller' => 'users',
        'action' => 'login',
        'admin' => false,
        'plugin' => false
    $this->Auth->logoutRedirect = array(
        'controller' => 'users',
        'action' => 'login',
        'admin' => false,
        'plugin' => false
    $this->Auth->loginRedirect = array(
        'controller' => 'products',
        'action' => 'index',
        'admin' => false,
        'plugin' => false

function isAuthorized($user) {
    // return false;
    return $this->Auth->loggedIn();

3. Download AclManager


Download the stable branch ( and paste the content in your app/Plugin/ directory.

With Composer

  1. Install composer in the app/ folder of your project.
  2. Add "fmcorz/acl-manager": "stable" to your require key in your composer.json file. (More about this)
  3. Run php composer.phar install to install the plugin.

Composer documentation

4. Configure the plugin

See AclManager/Config/bootstrap.php

AclManager.aros : write in there your requester models aliases (the order is important)

5. Enable the plugin

In app/Config/bootstrap.php

CakePlugin::load('AclManager', array('bootstrap' => true));

6. Login with an existing user

The plugin conflicts with $this->Auth->allow(), do not use it. Just make sure that you are logged in.

7. Access the plugin at /acl_manager/acl

  • Update your AROs and ACOs
  • Set up your permissions (do not forget to enable your own public actions!)

8. Disable the authorizer Controller

Or uncomment return false in AppController::isAuthorized()

9. You're done!



Licensed under the MIT License

You can’t perform that action at this time.