My objective is to create a skeleton application over the Zend Framework so I want to have a default permission management system for every site, which can obviously be overridable, ie. administrator rule required for admin module, and guests have full access to default module. I was thinking of creating another plugin to set the default permissions, but I have no idea about how to tackle creating the acl.
So my question is: what do you guys recommend as a storage medium for dynamically creating Acl's. Also, where do you generally set the Acl? I was generally gearing towards a seperate plugin, because if a site has no authentication then I could simply remove the plugin, however it seems more appropriate to build it in the Action Controller. I'm kind of torn here.
For those of you interested, heres the plugin to check the Acl and Auth
Code: Select all
class Northern_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
protected $_auth;
protected $_acl;
protected $_noauth = array(
'controller' => 'login',
'action' => 'index'
);
public function __construct(Zend_Auth $auth, Zend_Acl $acl)
{
$this->_auth = $auth;
$this->_acl = $acl;
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
if ($this->_auth->hasIdentity()) {
$role = $this->_auth->getIdentity()->getUser()->role;
} else {
$role = 'guest';
}
$resource = $request->getControllerName();
if (!$this->_acl->has($resource)) {
$resource = null;
}
if (!$this->_acl->isAllowed($role, $resource, $request->getActionName()) || !$this->_auth->hasIdentity()) {
$request->setControllerName($this->_noauth['controller']);
$request->setActionName($this->_noauth['action']);
}
}
}