Pudding Update, Working on Security

I'm gutting a lot of the security code in Pudding. It's to hard to work with, and it has more holes than swiss cheese. I'm finding that having 1 controller for every model object is a lot easier to secure. There is just a lot less each controller has to worry about. I'm not going full REST routing, but I'm running away from crap like this:

/client_management/client_company?client_company_id=1
/client_management/client?client_id=1

and enjoying these:

/client_company/1
/client/1