public static function _isAuthorized($user, $request) { $action = $request instanceof Cake\Network\Request ? $request->action : $request['action']; if ($action == 'add' && $user['role'] == 'CanAddPosts') { return true; } return parent::_isAuthorized($user, $request); }