Hi All,
I've uploaded a patch to Zend_Acl that covers this use case while being
completely backwards compatible.
I'd really like to see everyone test this so we can feel good about
including it ASAP.
Issue:
http://framework.zend.com/issues/browse/ZF-10649
Patch:
http://framework.zend.com/issues/secure/attachment/13431/ZF-10649.patch
-ralph
On 11/11/10 6:50 PM, Terre Porter wrote:
So I've taken a look since this problem affected my code also.
If I understand the problem correctly would it not be better to just adjust the
isAllowed code to support the changes to the setRule?
if (null !== $resource) {
// keep track of originally called resource
$this->_isAllowedResource = $resource;
$resource = $this->get($resource);
if (!$this->_isAllowedResource instanceof
Zend_Acl_Resource_Interface) {
$this->_isAllowedResource = $resource;
}
// if resource is null, and resources exist then add them instead
} elseif ($resource === null&& count($this->_resources)> 0) {
foreach (array_keys($this->_resources) as $k => $v ) {
if (null !== ($result = $this->isAllowed($role, $v,
$privilege))) {
return $result;
};
}
}
The follow now works as expected.
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('role'));
$acl->addResource(new Zend_Acl_Resource('res'));
$acl->allow('role','res', 'privilege');
echo $acl->isAllowed('role','res','privilege')? "allowed" : "denied"; //
returns allowed
$acl->removeAllow('role',null,'privilege');
echo $acl->isAllowed('role',null,'privilege')? "allowed" : "denied"; // returns
denied
And the second code
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('role'));
$acl->addResource(new Zend_Acl_Resource('res'));
$acl->allow('role');
echo $acl->isAllowed('administrator') ? "allowed" : "denied"; // returns allowed
Would be the same as : (since null resource is all defined resources)
$acl->allow('role', 'res');
echo $acl->isAllowed('administrator') ? "allowed" : "denied"; // returns allowed
Hope that helps.
Terre
-----Original Message-----
From: Ralph Schindler [mailto:ralph.schind...@zend.com]
Sent: Thursday, November 11, 2010 12:50 PM
To: fw-general@lists.zend.com
Subject: Re: [fw-general] Zend_Acl 1.11 broken my code
I've been looking at this over the past day and I am attempting to find a
solution. As you can see it was a fix for a previous issue:
http://framework.zend.com/issues/browse/ZF-9643
Fixing the previous issue did not break any existing unit tests.
I will get to the bottom of it and figure out a solution that works for
everyone.
-ralph
On 11/11/10 12:32 AM, Valentin wrote:
Hi,
I'm impressed, is exactly the problem reported at bug
http://framework.zend.com/issues/browse/ZF-10649
Thanxx
2010/11/10 Emmanuel Bouton<got...@gmail.com>
Hi,
A bug has been created for that :
http://framework.zend.com/issues/browse/ZF-10649
I suggest you to vote for its fix ;)
Manu
2010/11/10 Valentin<valen...@valclip.com>
Hi,
New version 1.11 have only one change in Zend_Acl line 636:
Old line
$resources = array($resources);
change for this
$resources = ($resources == null&& count($this->_resources)> 0) ?
array_keys($this->_resources) : array($resources);
I've been studying (and debug) all day and how it affects the code
and
not
understand what happens. Any ideas?
Thanks