Hi Daniel,
The request object may be fetched in a controller action method using
$this-getRequest(), and controller plugins also receive the request in
preDispatch(), among other methods.
If your authorization code is in neither of these places, please let us
know if you are still having problems getting to the request object.
Sorry for the multiple mailings!
Best regards,
Darby
Darby Felton wrote:
Oops... I mean the /request/ object. :)
Darby Felton wrote:
Hi Daniel,
Zend_Acl_Assert_Interface::assert() is not special regarding access to
the response object, but you should be able to get to it pretty easily.
For example, you can set the response object as a property of an
instance of your assertion class, allowing assert() access to it:
class MyAssert implements Zend_Acl_Assert_Interface
{
public function __construct($response)
{
$this-response = $response;
}
public function assert(...)
{
// do something with $this-response
}
}
For information on how to fetch the response object, please see:
http://framework.zend.com/manual/en/zend.controller.response.html
Hope this helps!
Best regards,
Darby
Daniel Freudenberger wrote:
Hello,
i just want to know if there’s a good solution to get the request-object
within the assert method? I think there are several situations where the
request object is required to determine if the client has access to the
requested resource.
i.e.
?php
class Project_Acl_Assert_ForumPostEdit implements Zend_Acl_Assert_Interface
{
public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role =
null, Zend_Acl_Resource_Interface $resource = null, $privilege = null)
{
// get the request object
// get the requested post
$posts = new ForumPosts();
$post = $posts-find($req-_getParam(“id“))-current();
// compare author with authenticated client
return Zend_Auth::getInstance()-getIdentity()-id == $post-author_id;
}
}
?
with kind regards,
Daniel
