Acl with modules syntax doubt

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Acl with modules syntax doubt

whisher
Hi.
I'm set up an acl system with modules.
This code works fine but I've never seen
this syntax in the reference manual so
I'm asking for advice.

the code

<pre>
$this->_acl->allow('member','users');
$this->_acl->allow('member', 'users:index');  
 //$this->_acl->allow('member','users','index'); it doesn't work
</pre>

Member has privileges to access to my
modules users
controller index
action index


Can you enlighten me, please ?

Bye.
Reply | Threaded
Open this post in threaded view
|

Re: Acl with modules syntax doubt

weierophinney
Administrator
-- whisher <[hidden email]> wrote
(on Tuesday, 23 June 2009, 02:38 PM -0700):

> I'm set up an acl system with modules.
> This code works fine but I've never seen
> this syntax in the reference manual so
> I'm asking for advice.
>
> the code
>
> <pre>
> $this->_acl->allow('member','users');
> $this->_acl->allow('member', 'users:index');  
>  //$this->_acl->allow('member','users','index'); it doesn't work

The last argument should be an array of strings.

> </pre>
>
> Member has privileges to access to my
> modules users
> controller index
> action index
>
> Can you enlighten me, please ?

One more note -- the roles and resources must be defined *before* you
set the permissions -- otherwise you'll get an error. The resource and
role names must match those that you've defined as well.

--
Matthew Weier O'Phinney
Project Lead            | [hidden email]
Zend Framework          | http://framework.zend.com/
Reply | Threaded
Open this post in threaded view
|

Re: Acl with modules syntax doubt

whisher

Matthew Weier O wrote:

>
> The last argument should be an array of strings.
>

Sorry Matthew I sent you a email by mistake ;)

Thanks for the quick reply.
But I've just a lot of troubles :(

My tree
application
-auth
--controllers
--forms
--views
-categories
--controllers
--forms
--views
-config
--config.ini
--nav.xml
-default
--controllers
--forms
--views
-languages
--en_US.php
--it_IT.php
-layout
--scripts
---layout.phtml
-log
-users
--controllers
--forms
--views


In my bootstrap

protected function _initRouter()
    {
        $this->bootstrap('frontController');
        $front = $this->getResource('frontController');
        $front->setControllerDirectory(array(
            'default'    => APPLICATION_PATH .'/default/controllers',
            'auth'    => APPLICATION_PATH .'/auth/controllers',
            'users'    => APPLICATION_PATH .'/users/controllers',
            'categories'    => APPLICATION_PATH .'/categories/controllers',
        ));
}

protected function _initPlugins()
    {    
        //Zend_Controller_Action_HelperBroker::addPrefix('W_Controller_Action_Helper');
        //$this->bootstrap('frontController');
        $front = $this->getResource('frontController');
       
        $acl = new Zend_Acl();
        /* Add roles */
        $acl->addRole(new Zend_Acl_Role('guest'));
        $acl->addRole(new Zend_Acl_Role('member'), 'guest');
        $acl->addRole(new Zend_Acl_Role('operator'), 'member');
        $acl->addRole(new Zend_Acl_Role('admin'), 'operator');
       
        /* Add default resourses */
        $acl->add(new Zend_Acl_Resource('index'));
        $acl->add(new Zend_Acl_Resource('error'));
         
        /* Add resourses */
        $acl->add(new Zend_Acl_Resource('auth'));
        $acl->add(new Zend_Acl_Resource('auth:index'));
        $acl->add(new Zend_Acl_Resource('auth:identify'));
        $acl->add(new Zend_Acl_Resource('users'));
        $acl->add(new Zend_Acl_Resource('users:index'));
        $acl->add(new Zend_Acl_Resource('categories'));
        $acl->add(new Zend_Acl_Resource('categories:index'));
       
        /* It doesn't work'*/
        /*$acl->allow('guest', 'error', array('error','denied'));
        $acl->allow('guest', 'auth', array('index','identify') );
        $acl->allow('guest', 'index' , array('index'));
        $acl->allow('member', 'users', array('index'));
        $acl->allow('admin', 'categories' , array('index'));*/
       
        /* It works */
        $acl->allow('guest', 'error');
        $acl->allow('guest', 'index');
        $acl->allow('guest', 'auth');
        $acl->allow('guest', 'auth:index');
        $acl->allow('guest', 'auth:identify');
        $acl->allow('member', 'users');
        $acl->allow('member', 'users:index');
        $acl->allow('admin', 'categories');
        $acl->allow('admin', 'categories:index');
       
         
       $front->registerPlugin(new W_Controller_Plugin_Acl($acl,'member'));
      // $front->registerPlugin(new W_Controller_Plugin_AclDb());
        //$front->registerPlugin(new W_Controller_Plugin_FormLoader());
    }



In the plugins

public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
       
        $response = $this->getResponse();
        if($response->isException()){
            $this->_request->setModuleName('default');
            $this->_request->setControllerName('error');
            $this->_request->setActionName('error');
            return null;
        }
        $resourceName = '';  
        if ($request->getModuleName() != 'default') {
            $resourceName .= $request->getModuleName() . ':';
        }

        $resourceName .= $request->getControllerName();
//var_dump($resourceName.'-'.$request->getActionName()); RETURN like categories:index-index
//var_dump($this->getAcl()->isAllowed('guess', 'categories', 'index'));
        /** Check if the controller/action can be accessed by the current user */
        if (!$this->getAcl()->isAllowed($this->_roleName, $resourceName, $request->getActionName())) {
            /** Redirect to access denied page */
            $this->denyAccess();
        }
    }


So I don't know which way to turn :(


What's the trouble ?
Reply | Threaded
Open this post in threaded view
|

Re: Acl with modules syntax doubt

whisher
May be I see the light ;)
http://oss.jasoneisen.com/2008/04/26/database-driven-acl-with-zend-framework/

In this case  jasoneisen use the underscore to mark  the $resourceId

$this->add(new Zend_Acl_Resource($role['acl_module_name'].'_'.$role['acl_resource_name']));

$this->allow($role['acl_role_id'], $role['acl_module_name'].'_'.$role['acl_resource_name'], $role['acl_privilege_name']);


so it's all the same using the underscore or the colon imho.

I'd like to know if I'm right ;)

Bye.