This behavior enable you to command the RBAC via console. This avoids you to install a entire rbac graphic toolkit to set up some rules in the rbac, maybe you are running inside a ssh console.
I assume you are familiar with accessControl standard filter. It allows you to separate privileges to run some action from action code itself. There is however one problem with most common usage - you cannot use bizRules, at least based on some parameters passed to 'checkAccess' just because it is hard to pass them in accessRules() result.
In this wiki, I try to implement a simple authorization schema without putting much logic inside a file or into database table. We are constructing authorization hierarchy inside the controller. We are getting roles for the current user from database table and assigning only roles to user that are declared in the particular controller. We have brought down the work of loading of auth data at ma...
This article shows a quick and easy way to implement flat user access control system. Flat means, that user access is controlled by level only, which is solution exactly opposite to complex RBAC access systems.
This HowTo assumes that you have a smattering of ACL in general and of how the acl-extension works basically. It will introduce you into the abstract and give you a hint on how to use Business-Rules. If you have in-depth questions, please refer to the extension documentation. Using ACL in an RBAC-manner cannot and should never obs...
It is actually mentioned in the documentation