When use ACL and when use HABTM for control access

Hi
I'm newbie on cakephp
I have a big doubt about if use ACL or HABTM in my web application. I
would ask you some suggestion.
My system is:

Model:
User , Organization , Document

Organization HABTM Recipient (User)
Organization HABTM Administrator (User)

Document belongsTo Organization
Document HABTM Recipient (User) (a subset of Recipients of the
organization which belongs the document)

I must control that a user can read only to documents which it is a
recipient.
I must control that a user can read only to organizations which it is
a recipient.
I must control that a user can edit only to documents which belongs to
organization which it is a administrator.
I must control that a user can edit only to organizations which it is
a administrator.

In this situation what is the best pattern to use? Is it sufficient to
do a method "isAccessible" in model Document and a method
"isAccessible" in model Organization ?

Many Thanks

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en