check permission against group not users using Auth->authorize="actions"

Can any one explain me the working of Auth->authorize = "actions"

In my project i am planning tp give this.

As this taught me the authorize will call the $this->Aro->check($user,"controllers/:controller/:action")

This will check the against the user right??

that means the user should be there in aros table.

But i don't need this to check against user but i need to check against a group

How can i achive this.

now when the users is not in Aro table it showing the

So that The Aro's wi开发者_开发百科ll be only the groups and adding of users to the Aros is needed

thankz in advance

---

Got the solution
using this reference
i extended the AuthComponent to CustomAuth and overridden the isAutorized() method in the AuthComponent as follows

in controllers/components/custom_auth.php

    <?php
App::import('Component','Auth');
class CustomAuthComponent extends AuthComponent {

    public function isAuthorized($type = null, $object = null, $user = null) {

        $actions  = $this->__authType($type);
        if( $actions['type'] != 'actions' ){
            return parent::isAuthorized($type, $object, $user);
        }
        if (empty($user) && !$this->user()) {
            return false;
        } elseif (empty($user)) {
            $user = $this->user();
        }


        $group = array('model' => 'Group','foreign_key' =>$user['Login']['group_id']);
        $valid = $this->Acl->check($group, $this->action());
        return $valid;
    }
}
?>

in app_controller.php

function beforeFilter()
{
$this->CustomAuth->userModel = 'Login';
$this->CustomAuth->allowedActions = array('display');
$this->CustomAuth->actionPath = 'controllers/';
$this->CustomAuth->authorize = 'actions';
}

This solved my issue :)

---

Take a look at this chapter. To check a group permission do this ('model' and 'foreign_key' values are from aros table):

$this->Acl->check(
     array('model' => 'Group', 'foreign_key' => 2),
    'controller/action'
);