[ACL with roles] How to properly manage rights for specific controller actions

While digging into ACL I am encountering the problem that for most things I need an ID to check if the user is allowed to do it.

An example: I have a bunch of groups. Every group has its owner and some admins that are allowed to view, edit, ... the group.

My first approach was to save a group_show right in the rights table. But then I saw that I didn't specify which group is allowed to show. I don't want a group_show_{id} right for every group in the table so how could I solve this problem?

I hope I explained it well. It's a bit complicated for me to explain..