You are not logged in.
First off, I'm new here.
thanks to Jon for all the amazing casts they helped me alot.
Now to my problem:
I'm trying to use Zend_ACL in a dynamic way with a database backend.
in the last two days i tried alot and read alot about that issue but i came to no clear solution yet.
i found this
http://my.opera.com/zomg/blog/2007/05/0 … es-in-a-db
http://codeutopia.net/blog/2009/02/18/z … amic-acls/
but that doesnt completly satisfy me.
what i want is this:
- be able to set up module/controller/action access-rights for individual users and groups with inheritance.
- be able to allow/deny actions on specific id's (eg allowing the author and moderator/admin groups to editing of a post but deny it for everyone else)
- be able to use that with zend_navigation aswell
does anyone have any experience with that kinda thing?
can you point me on some articles about this ?
thanks in advance
Offline
I was looking for a tutorial like that as well, but the only ones close to that where using doctrine not the Zend_Db, and as a choice whant to use as little external tools as possible. And stick to the ZF components of extensions to those components. So this is what i've done:
store all the roles in a db table, as well as resources.
create a table for store privileges
Created a class that extends Zend_ACL, where i call the models to deal with the db tables, and created methods to get the roles, privileges, and resources, and a method to compare privileges
In my case resources are modules, but they can be controllers, or controller:action. Each resource is composed of name, url, description
That way you can create as many resources as you need, and set permissions on them, i use the permissions tabel in the DB to store user access rights, based on privileges, for me priviliges are the actions the user can make on a resource. Exmp.: Read, Edit, Review
in your case a resource can have the name as 'module:controller:action'
Hope it helped a little
Offline