Hi there I'm in the process of designing a security model for my Zend Framework applications. Essentially what I plan to do, is have a master config on a module-controller-action basis, which defines whether login is required, possibly groups who are granted access, and what parameters are allowed (Allow Known Good) - maybe even define how the parameters should be filtered (sanitized) here, as well. I'll then integrate this into a custom request / router to enforce these rules.
I'll probably have something like an XML file which mirrors the application structure; that is, a hierarchical list of modules, controllers and actions. Now - it would help enormously if I can analyse an exiting project, and generate this list to create / validate such a configuration file. I've had a look at Zend Tool, and it *seems* that it might be able to help me do this; can anyone point me in the right direction? Otherwise I'll have to do something like; check every directory under 'application' for a controllers directory, parse each controller directory and then extact a list of xxxAction function declarations. Ideally, I'd also like to extract all calls to GetParam() etc... But surely there's a cleaner way of doing this? Thanks in advance -- View this message in context: http://www.nabble.com/Modelling-application-structure-tp19634235p19634235.html Sent from the Zend Framework mailing list archive at Nabble.com.
