/** * Checks if the provided user is authorized for the request * @param array $user The user to check the authorization of. If empty the * user in the session will be used * @return bool `true` if the user is authorized, otherwise `false` * @uses MeCms\Controller\AppController::isAuthorized() * @uses MeCms\Controller\Component\AuthComponent::isGroup() */ public function isAuthorized($user = null) { //Only admins can delete videos categories if ($this->request->isDelete()) { return $this->Auth->isGroup('admin'); } //Admins and managers can access other actions return parent::isAuthorized($user); }