I'm working on a rather large app, where we have more than 7 user
roles, each of which will have permission to access different parts of
Now the User/Admin system is falling short so I need to redefine the
access control system.
I am thinking of coding something like cakephp uses, with aro's and
aco's but is rather unmantainable to have a table with every single
possible route and grant access to roles.
what is the best way to manage access control? how do you do it?