Zend Framework Acl and Auth

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Zend Framework Acl and Auth

Post by John Cartwright »

Okay I have been struggling with this for a couple days. Basically, I'm trying to implement a transparent authentication system and avoiding having any authentication calls within the controllers. Now, my problem isn't with the Auth plugin I've created, my problem is creating the Acl control structure. Not so much the creation of it, but how to go about it.

My objective is to create a skeleton application over the Zend Framework so I want to have a default permission management system for every site, which can obviously be overridable, ie. administrator rule required for admin module, and guests have full access to default module. I was thinking of creating another plugin to set the default permissions, but I have no idea about how to tackle creating the acl.

So my question is: what do you guys recommend as a storage medium for dynamically creating Acl's. Also, where do you generally set the Acl? I was generally gearing towards a seperate plugin, because if a site has no authentication then I could simply remove the plugin, however it seems more appropriate to build it in the Action Controller. I'm kind of torn here.

For those of you interested, heres the plugin to check the Acl and Auth

Code: Select all

 
class Northern_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    protected $_auth;
    protected $_acl;
 
    protected $_noauth = array(
        'controller' => 'login',
        'action' => 'index'
    );
 
    public function __construct(Zend_Auth $auth, Zend_Acl $acl)
    {
        $this->_auth = $auth;
        $this->_acl = $acl;
    }
 
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        if ($this->_auth->hasIdentity()) {
            $role = $this->_auth->getIdentity()->getUser()->role;
        } else {
            $role = 'guest';
        }
 
        $resource = $request->getControllerName();
        if (!$this->_acl->has($resource)) {
            $resource = null;
        }
 
        if (!$this->_acl->isAllowed($role, $resource, $request->getActionName()) || !$this->_auth->hasIdentity()) {
            $request->setControllerName($this->_noauth['controller']);
            $request->setActionName($this->_noauth['action']);
        }
    }
}
playtek
Forum Newbie
Posts: 1
Joined: Sun Jul 22, 2007 6:45 am

Re: Zend Framework Acl and Auth

Post by playtek »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi, I was browsing google for some way to include acl into a predispatch and i found your code.
I'm just starting with zend framework and your post give my some light (simple and easy to understand).
I just changed one thing, I need to work :

Code: Select all

if ($this->_auth->hasIdentity()) {
                        $role = $this->_auth->getIdentity()->credencial;
                } else {
                        $role = 'guest';
                }
where credencial is the role, wrote on storage.

And the real reason for this post is for say thank you for this aproach :D


Bye!


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

You ever figure this out jcart?
Post Reply