In CakePHP, how do I create an Access Denied route?

When going through the tutorials for setting up the Auth and ACL components, I discovered that when a logged-in user accesses an area of my site that they do not have permissions for, they are redirected to /.

This isn't a show stopper, as I can always redirect them to the appropriate place from my homepage view or just display an error there, but that seems sort of hacky. Is there a way to specify where ACL should redirect a user if 开发者_StackOverflowthey do not have access to a particular view? I'd just like to set up a simple global access denied error page in this case. Even having it redirect them to the login page again would be kind of acceptable, but the homepage just seems like a really odd default for the system to use.

You could set $this->Auth->authorize = 'controller', then specify redirect in the isAuthorized() callback.

http://book.cakephp.org/view/1275/authorize

http://api13.cakephp.org/view_source/auth-component/#line-508

You could also test $this->Auth->user() for sufficient privileges and redirect on fail:

if ($this->Auth->user('level') < 2) {
    $this->redirect('/users/declined');
}

Otherwise, Auth->redirect() pulls whatever the login redirect property is set to, which defaults to /. See http://api13.cakephp.org/view_source/auth-component/#line-745