Re: [fw-general] ACL actual use
I do pretty much the same as David, I have my modules / controllers / actions mapped in database tables, then create rules for each. Then the whole lot is built and cached. Then the resources are made up of ModuleController names, it works well although it's not yet been combined with authentication as it's in development. It's not the easiest but once you start using it you will find it all naturally falls together. There are a number of 'tutorials' on http://www.zftutorials.com/ or at least links to articles, all of which have something useful in, but non of them tell you exactly what to do. Simon - Simon Corless http://www.ajb007.co.uk/ -- View this message in context: http://www.nabble.com/ACL-actual-use-tp15986088s16154p16090017.html Sent from the Zend Framework mailing list archive at Nabble.com.
Re: [fw-general] ACL actual use
Alex, I have my controllers/actions mapped directly to resources/privileges. I have a controller plugin that checks on predispatch to see if the user has access to the requested controller/action and, if not, routes them to a 404 or denied page. Jason On Tue, Mar 11, 2008 at 12:17 PM, Alexander Johannesen [EMAIL PROTECTED] wrote: Hi, Has anyone used Zend ACL in an active project, and would like to share some thoughts on it? (Pro/con/gotcha's) I'm about to implement it into a larger framework (an extension of ZF, really) and would like to hear people's opinions before I get my surgeons knife out... Also, has anyone defined an ACL definition / ini files? Much of the API can be replicated through much simpler ini files, so if anyone has done this I could save some time. Alex -- --- Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic Maps -- http://shelter.nu/blog/
Re: [fw-general] ACL actual use
hi Alexander,
my ACL solution is based on ini files and my AclModel class reads those
files and creates the ACL object, which should be cached by a cache
mechanism, because a file solution is a little bit slower than a db
solution. But it's much simpler to handle, for me.
http://sources.online-skripte.de/Mtwd_Zend_AclModel.phps Source
http://php.online-skripte.de/Mtwd_Zend_AclModel/api/ API
usage in bootstrap:
// STANDARD ACL
$acl = new Mtwd_Zend_AclModel(new
Zend_Config_Ini('../application/configs/accesslist.ini'));
// MODULE ACLs
$acl-addModule(new
Zend_Config_Ini('../application/configs/modules/gallery.ini'));
// USER ACL
$acl-addUser(new
Zend_Config_Ini('../application/configs/user_acl/user_x.ini'));
accesslist.ini
[guest]
main.parents =
main.allow = home news
main.privilegesAllow = (show)
main.privilegesDeny =
[member]
main.parents = guest
main.allow = profiles tutorials shoutbox
main.privilegesAllow = (insert,shoutbox)
main.privilegesDeny =
[admin]
main.parents = member
main.allow =
main.privilegesAllow = (delete)
main.privilegesDeny = (delete,shoutbox) (delete,news)
gallery.ini
[memberGallery]
main.parents =
main.allow = gallery
main.privilegesAllow = (show)
main.privilegesDeny =
[moderatorGallery]
main.parents = memberGallery
main.allow =
main.privilegesAllow = (edit) (hide)
main.privilegesDeny =
[adminGallery]
main.parents = moderatorGallery
main.allow =
main.privilegesAllow = (delete)
main.privilegesDeny =
user_x.ini
[user_x]
main.parents = member moderatorGallery
I know it seems to be difficult but for me it is a intuitive way. Maybe
there are some bugs but i will keep on working on it.
Bye,
David
Alexander Johannesen wrote:
Hi,
Has anyone used Zend ACL in an active project, and would like to share
some thoughts on it? (Pro/con/gotcha's) I'm about to implement it into
a larger framework (an extension of ZF, really) and would like to hear
people's opinions before I get my surgeons knife out...
Also, has anyone defined an ACL definition / ini files? Much of the
API can be replicated through much simpler ini files, so if anyone has
done this I could save some time.
Alex
--
---
Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic Maps
-- http://shelter.nu/blog/
--
View this message in context:
http://www.nabble.com/ACL-actual-use-tp15986088s16154p16016536.html
Sent from the Zend Framework mailing list archive at Nabble.com.
[fw-general] ACL actual use
Hi, Has anyone used Zend ACL in an active project, and would like to share some thoughts on it? (Pro/con/gotcha's) I'm about to implement it into a larger framework (an extension of ZF, really) and would like to hear people's opinions before I get my surgeons knife out... Also, has anyone defined an ACL definition / ini files? Much of the API can be replicated through much simpler ini files, so if anyone has done this I could save some time. Alex -- --- Project Wrangler, SOA, Information Alchemist, UX, RESTafarian, Topic Maps -- http://shelter.nu/blog/
