I have been using cakephp for some time now and just started with ACL. I've got it up and running, except one thing. How can I find all documents available to the current user?

I have several groups (super users, admins and general users) set up in the Aros table. I have several documents which should be all accessible to the super users and admins, but only specific ones to the general users. The closest thing I came up with is:

$this->data=$this->Document->find('all',array('fields'=>array('Document.id','Document.filename','Document.title')));
foreach($this->data as $i=>$document){
    if($this->Acl->check(array('model'=>'User','foreign_key'=>$this->Session->read('User.id')),array('model'=>'Document','foreign_key'=>$document['Document']['id']))!=1){
        unset($this->data[$i]);
    }
}

The problem with the above "solution" is that it first queries all documents (which will become several thousands in the near future) and then brings it down to potentially a couple of documents by deleting all inaccessible documents from the $this->data array...

Kashif Khan
Kriddy

1 Answer

You could create a findAccessibleDocuments method on the User Model that queries the database directly. You'll have to figure out the structure of the ACL tables to come up with the query.

class User extends AppModel {
    // ...
    public function findAccessibleDocuments($userId = null) {
        // Fall back to the id of the currently loaded User record.
        if (!$userId) $userId = $this->getID();
        return $this->query(/* select acos inner joining aros_acos and aros in which $userId is in. Optionally, you can inner join with Document to get more than their ids */);
    }
}

Sorry I can't give you the complete answer, but I'm in a rush now, you can work on it and I'll get back to this later to see how it went and maybe help you more.

luchomolina
  • Hi luchomolina, I have been playing around with joins etc, but have not found a suitable answer yet. I think I am going to dig into the underlying ACL classes to see how cakephp handles this. The main challenge is the ACL tables don't contain an id to id mapping, since the documents are 'nested'. Super users and admins should be able to get to all documents without linking individual documents to each of them. – Kriddy Jan 11 '12 at 20:52
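
An added example, not part of the original thread and not CakePHP's own code: one query that filters nested documents in the database instead of checking each row afterwards, run here against constructed rows in SQLite. It assumes the default DbAcl table layout (aros, acos, aros_acos with lft/rght nested sets), looks only at the _read column, and assumes the first non-inherit rule wins with no rule meaning deny; make_db and readable_document_ids are hypothetical names.

```python
import sqlite3

# Constructed sample data; table and column layout assumed to follow
# CakePHP's default DbAcl schema (nested-set trees plus a rules table).
SCHEMA = """
CREATE TABLE aros (id INTEGER PRIMARY KEY, model TEXT, foreign_key INTEGER, lft INTEGER, rght INTEGER);
CREATE TABLE acos (id INTEGER PRIMARY KEY, model TEXT, foreign_key INTEGER, lft INTEGER, rght INTEGER);
CREATE TABLE aros_acos (aro_id INTEGER, aco_id INTEGER, _read INTEGER);
INSERT INTO aros VALUES
  (1, 'Group', 1, 1, 4), (2, 'User', 10, 2, 3),     -- admins group holds user 10
  (3, 'Group', 2, 5, 10), (4, 'User', 20, 6, 7), (5, 'User', 21, 8, 9);
INSERT INTO acos VALUES
  (1, NULL, NULL, 1, 8),                            -- documents root node
  (2, 'Document', 100, 2, 3), (3, 'Document', 101, 4, 5), (4, 'Document', 102, 6, 7);
INSERT INTO aros_acos VALUES
  (1, 1, 1),    -- admins: read everything under the root
  (3, 2, 1),    -- general users group: read document 100
  (4, 3, 1),    -- user 20: read document 101
  (5, 2, -1);   -- user 21: explicit deny on document 100
"""

# Per document: walk the user's ARO ancestors deepest first, then the
# document's ACO ancestors deepest first, and take the first rule <> 0.
QUERY = """
SELECT d.foreign_key FROM acos d
WHERE d.model = 'Document' AND 1 = COALESCE((
    SELECT p._read
    FROM aros u
    JOIN aros ua ON ua.lft <= u.lft AND ua.rght >= u.rght
    JOIN aros_acos p ON p.aro_id = ua.id
    JOIN acos da ON da.id = p.aco_id AND da.lft <= d.lft AND da.rght >= d.rght
    WHERE u.model = 'User' AND u.foreign_key = ? AND p._read <> 0
    ORDER BY ua.lft DESC, da.lft DESC LIMIT 1), 0)
ORDER BY d.foreign_key
"""

def make_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def readable_document_ids(db, user_id):
    # user_id is bound as a parameter, never concatenated into the SQL.
    return [row[0] for row in db.execute(QUERY, (user_id,))]

if __name__ == "__main__":
    db = make_db()
    for uid in (10, 20, 21):
        print(uid, readable_document_ids(db, uid))
```

The admins rule on the root node covers every document without per-document links, and user 21's explicit deny overrides the allow inherited from the group.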