Need guidance to start with Zend ACL

Answer

I implemented a similar thing not so long ago. The basic concept follows in the example code.

I created my own configAcl.php file, which is loaded in the bootstrap file, in my case index.php. Here is how it would look in your case:

$acl = new Zend_Acl();

$roles = array('admin', 'normal');

// Controller script names. You have to add all of them if credential check
// is global to your application.
$controllers = array('auth', 'index', 'news', 'admin');

foreach ($roles as $role) {
    $acl->addRole(new Zend_Acl_Role($role));
}

foreach ($controllers as $controller) {
    $acl->add(new Zend_Acl_Resource($controller));
}

// Here comes credential definition for admin user.
$acl->allow('admin'); // Has access to everything.

// Here comes credential definition for normal user.
$acl->allow('normal'); // Has access to everything...
$acl->deny('normal', 'admin'); // ... except the admin controller.

// Finally I store whole ACL definition to registry for use
// in AuthPlugin plugin.
$registry = Zend_Registry::getInstance();
$registry->set('acl', $acl);

Another case is if you want to allow the normal user only the "list" action on all your controllers. It's pretty simple; you'd add a line like this:

$acl->allow('normal', null, 'list'); // Has access to all controller list actions.

Next you should create a new plugin which takes care of credential checking automatically when there is a request for some controller action. This checking takes place in the preDispatch() method, which is called before every call to a controller action.

Here is AuthPlugin.php:

class AuthPlugin extends Zend_Controller_Plugin_Abstract
{
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $loginController = 'auth';
        $loginAction     = 'login';

        $auth = Zend_Auth::getInstance();

        // The login page is the auth/login pair only: another action of the
        // auth controller, or a 'login' action elsewhere, is not exempt.
        $isLoginPage = $request->getControllerName() == $loginController
                && $request->getActionName() == $loginAction;

        // If user is not logged in and is not requesting login page
        // - redirect to login page.
        if (!$auth->hasIdentity() && !$isLoginPage) {
            $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
            $redirector->gotoSimpleAndExit($loginAction, $loginController);
        }

        // User is logged in or on login page.
        if ($auth->hasIdentity()) {
            // Is logged in
            // Let's check the credential
            $registry = Zend_Registry::getInstance();
            $acl = $registry->get('acl');
            $identity = $auth->getIdentity();

            // role is a column in the user table (database)
            $isAllowed = $acl->isAllowed($identity->role,
                                         $request->getControllerName(),
                                         $request->getActionName());
            if (!$isAllowed) {
                $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
                $redirector->gotoUrlAndExit('/');
            }
        }
    }
}

The final steps are loading your configAcl.php and registering the AuthPlugin in the bootstrap file (probably index.php).

require_once '../application/configAcl.php';

$frontController = Zend_Controller_Front::getInstance();
$frontController->registerPlugin(new AuthPlugin());

So this is the basic concept. I didn't test the code above (copied, pasted and rewritten just for showcase purposes), so it's not bullet-proof. It's just to give an idea.
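
The following is an added example, not part of the original answer: an allow-list variant of the ACL above in which visitors without an identity are also checked, followed by a small decision-matrix check. It assumes Zend Framework 1 is on the include path; the 'guest' role, the helper names and the expectation rows are constructed for illustration.

```php
<?php
// Added example; assumes Zend Framework 1 is on the include path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

function buildAcl()
{
    $acl = new Zend_Acl();
    // 'guest' is a hypothetical role for visitors without an identity.
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('normal'), 'guest'); // inherits guest rules
    $acl->addRole(new Zend_Acl_Role('admin'), 'normal'); // inherits normal rules
    foreach (array('auth', 'index', 'news', 'admin') as $controller) {
        $acl->add(new Zend_Acl_Resource($controller));
    }
    // Zend_Acl denies whatever has no allow rule, so only grants are listed.
    $acl->allow('guest', 'auth', 'login');
    $acl->allow('normal', array('auth', 'index', 'news'));
    $acl->allow('admin'); // everything, including the admin controller
    return $acl;
}

// Role for the current request: the stored role, or 'guest' when not logged in.
function roleFor($identity)
{
    return ($identity !== null && isset($identity->role)) ? $identity->role : 'guest';
}

$normal = (object) array('role' => 'normal'); // constructed identities
$admin  = (object) array('role' => 'admin');

// Constructed expectations: array(identity, controller, action, expected).
$expected = array(
    array(null,    'auth',  'login',  true),
    array(null,    'auth',  'logout', false),
    array(null,    'news',  'login',  false), // action name alone grants nothing
    array(null,    'admin', 'index',  false),
    array($normal, 'news',  'list',   true),
    array($normal, 'admin', 'index',  false),
    array($admin,  'admin', 'index',  true),
);

$acl = buildAcl();
$failures = 0;
foreach ($expected as $row) {
    list($identity, $controller, $action, $want) = $row;
    $got = $acl->isAllowed(roleFor($identity), $controller, $action);
    if ($got !== $want) { $failures++; }
    printf("%-6s %s/%s: %s\n", roleFor($identity), $controller, $action, $got ? 'allow' : 'deny');
}
exit($failures === 0 ? 0 : 1);
```

With a guest role in place, a plugin's preDispatch() can call isAllowed() for every request and redirect to the login page when a guest is denied.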
