I want to write ACL. The access groups and access tasks are arbitrary. That means that any group can be given any access and initially accesses and groups are unknown. Creating groups is easy but I have hit a wall on how do I create/Implement limiting the tasks.
Example: Admin group only should be able to delete users. Now the task will be delete user and group permitted is admin but I cannot currently understand how the concept works to limit only admins to access this task.
I use MVC pattern if that is of help.
What I need is how do I limit some controllers and/or methods to given groups?