I spent some time looking for an easy way to promote user accounts to administrator status using CakePHP's ACL system. My ARO's are fairly simple. I have an Admin ARO and under that I have all the admin user accounts. Then I have the Users ARO. ARO:
 - Root
     - Admin
         - User 1
         - User 5
     - Users
         - User 2
         - User 3
         - User 4 In the /admin/users/edit/ view I have a checkbox called admin. If checked, this indicates the user is an administrator. If unchecked, they are a normal user.

User Model

function afterSave($created) { parent::afterSave($created); // changing permissions // -------------------- if(isset($this->data['User']['admin'])) { // moving to admin // --------------- if($this->data['User']['admin'] == 1) { $parentAro = $this->Aro->findByAlias('Admin'); } else { $parentAro = $this->Aro->findByAlias('Users'); } $this->Aro->save(array( 'id' => $user['Aro']['id'], 'parent_id' => $parentAro['Aro']['id'], 'alias' => $this->name . '.' . $this->id, 'foreign_key' => $this->id, 'model' => $this->name )); } } Visiting /admin/users/edit/2 and checking the "admin" checkbox will result in: ARO:
 - Root
     - Admin
         - User 1
         - User 5
         - User 2
     - Users
         - User 3
         - User 4

Name: ^*

Website: ^{(used as a track back)}

Email: ^{(never displayed, used to notify you of responses)}

Comment: ^* html allowed