Saying that I've got: 1/ categories: category1, category2, category3 ... each category has many posts 2/ user roles: roleA, roleB, roleC
I know that I can use phalcon built in ACL system to define role access to controllers / actions.
But how can I set access restrictions one some particular categories ? Something like this:
1/ roleA can read post in categories category1, category2 (saying they are reader on this categories) 2/ roleB same as roleA but can also CRUD his own posts in category1 (saying this role is publisher in this category) and read posts in category3 3/ roleC has full CRUD rights on categories category2, category3 (saying role-C is admin on category2 and category3) 4/ ....
My first thought is to use cross ( manymany) tables between roles and categories: 1/ categoryreader 2/ categorypulisher 3/ categoryadmin
Well ... I did not know if it's the best way to achieve what I want and I do not know how to implement this !
All advices are welcome.