You should be able to set up a guest role and assign that to any user not
logged in. Not sure how you've set up Zend_Auth and Zend_Acl, but thats what
we've been doing.
Every action we define in our projects has an ->allow() call even if
everyone is able to access it.
Tim
On Fri, Oct 24, 2008 at 09:54, tony stamp <[EMAIL PROTECTED]> wrote:
>
> Hello
>
> I have a controller that displays the latest news on the index page on my
> site. Obviously, its called newsController that has the action latestNews
> (called from the view's action helper).
>
> Now i am developing the admin side of the site, it makes sense that i put
> the add/edit/delete actions in the same newscontroller. However, if i
> define
> access rules for these actions via zend_acl, it rules out the chance of
> calling the latestAction for users not logged in.
>
> Ideally, in the acl, i would like to define something like:
> $this->allow(null, 'news', array('latest'));
> ...meaning that users with no role can only view the latestAction on the
> news controller. Futher refinement of add/edit/delete can be defined for
> mods/admins etc.
> But the above is not possible, so i (think) i have two options - split the
> functionality into two separate controllers - a latest news controller
> (containing just the latestAction), accessible by non-logged in users,
> followed by a news manager type of controller (for the crud actions for
> logged in users) which is governed by the acl.
>
> Alternatively, if there is a way of setting a sort of base credential using
> zend_auth ie guest or siteVisitor, which can then be defined to view only
> the latestAction on a single news controller?
>
> hmmm...
> --
> View this message in context:
> http://www.nabble.com/Setting-default-auth-object-tp20141150p20141150.html
> Sent from the Zend Framework mailing list archive at Nabble.com.
>
>
