<?php 
class InitAclController extends AppController
{
  var $name = 'InitAcl';
  var $component = array('Acl');
  var $uses = array();

  function setupAcl()
  {
    $aro = new aro();

    $aro->create();
    $aro->save(array(
      'model'=>'User',
      'foreign_key'=>null,
      'parent_id'=>null,
      'alias'=>'Admin'));

    $aro->create();
    $aro->save(array(
      'model'=>'User',
      'foreign_key'=>null,
      'parent_id'=>null,
      'alias'=>'User'));

    $aro->create();
    $aro->save(array(
      'model'=>'User',
      'foreign_key'=>null,
      'parent_id'=>null,
      'alias'=>'Guest'));

    $parent = $aro->findByAlias('Admin');
    $parentId = $parent['Aro']['id'];    

    $aro->create();
    $aro->save(array(
      'model'=>'User',
      'foreign_key'=>1,
      'parent_id'=>$parentId,
      'alias'=>'User::1'));

    
    
    $aco = new Aco();
    $aco->create();
    $aco->save(array(
       'model'=>'User',
       'foreign_key'=>null,
       'parent_id'=>null,
       'alias'=>'User'));
       
    $aco->create();
    $aco->save(array(
       'model'=>'Post',
       'foreign_key'=>null,
       'parent_id'=>null,
       'alias'=>'Post'));
   }
   // Give admin full control over acos 'User' & 'Post'
   $this->Acl->allow('Admin', 'User', '*');
   $this->Acl->allow('Admin', 'Post', '*');

   // Give the user group only create & read access for 'Post' 
   $this->Acl->allow('User', 'Post', array('create', 'read'));

   // Give the Guests only create access for 'User'
   $this->Acl->allow('Guest', 'User', 'create');
}
?>