I’ve developed several custom ACL Libraries/Components for many different types of application over the past few years. They are usually not the developer pure Access Request Objects / Access Control Objects (ARO / ACO) type of Access Control, as is seen with CakePHP.
I often develop custom ACL Libraries with Control Points defined by Controller Methods. These points of control are often defined as permission keys and can easily be integrated into application controllers. This is usually defined and managed thru an automated process. Permission keys can also be developed for custom purposes, such as basic CRUD control used with Grocery CRUD or even field level control on data models. This type of ACL development can also be used in older non-MVC code, where older code can not be redeveloped into a more modern framework.
Inspired By:
Tasty Bytes Article: http://www.tastybytes.net/blog/simple-acl-class-for-codeigniter
NET Tuts Article: http://net.tutsplus.com/tutorials/php/a-better-login-system/
About ACL: An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation. For instance, if a file has an ACL that contains (Alice, delete), this would give Alice permission to delete the file.