weierophinney wrote > > -- cmple <roman.vidyayev@> wrote > (on Sunday, 26 February 2012, 07:32 PM -0800): >> But this means that I'll have to add "$this->myAcl()->isAllowed()" in >> every controller which makes my code redundant. Is there a way to use >> it globally(a single class available to all) ? maybe via DI instead of >> plugins ? > > There are two ways to do this. > > First, you can inject your ACL and user objects into your controllers or > service layer via DI. This then means you need to do the "isAllowed()" > check within the controllers themselves, or within your service layer > code. I actually prefer the latter method, as it makes re-using my code > within the various server classes fairly trivial. > > The second approach is to create a listener that listens on the dispatch > event, and does automated checking of ACLs based on the current > controller and action (though the latter gets a bit squidgy when you > consider the RestfulController, when an action parameter may not be > present). > > namespace AclChecker; > > use Zend\EventManager\StaticEventManager; > > class Module > { > public function init($manager) > { > // Register a bootstrap event > $events = StaticEventManager::getInstance(); > $events->attach('bootstrap', 'bootstrap', array($this, > 'bootstrap')); > } > > public function bootstrap($e) > { > // Register a dispatch event, at high priority > $app = $e->getParam('application'); > $app->events()->attach('dispatch', array($this, 'checkAcl'), > 100); > } > > public function checkAcl($e) > { > $app = $e->getTarget(); > $locator = $app->getLocator(); > $acl = $locator->get('AclChecker\Acl'); // or > whatever Acl class you > // define in > your app > > $matches = $e->getRouteMatch(); > $controller = $matches->getParam('controller'); > $action = $matches->getParam('action', 'index'); > > // get the current user somehow... > > if ($acl->isAllowed($user, $controller, $action)) { > // Passes ACL check; do nothing > return; > } > > // return a 401 response > // or a redirect response (e.g., to a login page) > } > } > > -- > Matthew Weier O'Phinney > Project Lead | matthew@ > Zend Framework | http://framework.zend.com/ > PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc > > -- > List: fw-general@.zend > Info: http://framework.zend.com/archives > Unsubscribe: fw-general-unsubscribe@.zend > Thanks Matthew! The second approach is exactly what I've been looking for. But I get the following error: PHP Fatal error: Call to undefined method Zend\EventManager\Event::getRouteMatch()
Could it be my version? "2.0.0beta2" Thanks! -- View this message in context: http://zend-framework-community.634137.n4.nabble.com/ZF2-What-s-the-proper-way-to-register-global-MVC-plugins-tp4265227p4425128.html Sent from the Zend Framework mailing list archive at Nabble.com. -- List: fw-general@lists.zend.com Info: http://framework.zend.com/archives Unsubscribe: fw-general-unsubscr...@lists.zend.com