Example Permissionable usage

gistfile1.php

<?php
# Controller
$job = $this->Note->Job->find('summary', array(
	'conditions' => array('Job.id' => $job_id),
	'contain' => array('Note.CreatedBy', 'TodoList.TodoItem.Note.CreatedBy', 'Submittal.Note.CreatedBy')
));

gistfile2.php

<?php
# Job model
/**
 * Row-level permission conditions.
 * 
 */
	function permissions($user) {
		if ($user['Role']['jobs'] == 'all') {
			return false;
		}
		if ($user['Role']['jobs'] == 'none') {
			return array('false');
		}		
		if ($user['Role']['type'] == 'client') {
			return array('Job.account_id' => $user['account_id']);
		}

		# Get subordinate ids
		$subordinates = $this->Account->Contact->find('subordinates', array(
			'permissions' => false
		));

		$accessible = array_merge(array_keys($subordinates), array($user['id']));
		
		return array('Job.project_manager_id' => $accessible);
	}

gistfile3.php

<?php
# Contacts model
/**
 * Custom find method to retrieve a list of a subordinate contacts.
 * 
 */
	function _findSubordinates($state, $query, $results = array()) {
		if ($state == 'before') {
			if (!array_key_exists($this->alias . '.supervisor_id', (array)$query['conditions'])) {
				$query['conditions'][$this->alias . '.supervisor_id'] = Contact::get('id');
			}
			if (empty($query['fields'])) {
				$query['fields'] = array('id', 'directory_name', 'supervisor_id');
			}
			return $query;
		} else {
			if (!empty($results)) {
				$_results = Set::combine($results, '/' . $this->alias . '/id', '/' . $this->alias . '/directory_name');
				foreach ($results as $result) {
					$_results += $this->find('subordinates', array(
						'conditions' => array($this->alias . '.supervisor_id' => $result[$this->alias]['id']),
						'permissions' => false
					));
				}
				asort($_results);
				$results = $_results;
			}
			return $results;
		}
	}