Page 1 of 1

Zend Framework Acl and Auth

Posted: Sat Apr 14, 2007 2:16 pm
by John Cartwright
Okay I have been struggling with this for a couple days. Basically, I'm trying to implement a transparent authentication system and avoiding having any authentication calls within the controllers. Now, my problem isn't with the Auth plugin I've created, my problem is creating the Acl control structure. Not so much the creation of it, but how to go about it.

My objective is to create a skeleton application over the Zend Framework so I want to have a default permission management system for every site, which can obviously be overridable, ie. administrator rule required for admin module, and guests have full access to default module. I was thinking of creating another plugin to set the default permissions, but I have no idea about how to tackle creating the acl.

So my question is: what do you guys recommend as a storage medium for dynamically creating Acl's. Also, where do you generally set the Acl? I was generally gearing towards a seperate plugin, because if a site has no authentication then I could simply remove the plugin, however it seems more appropriate to build it in the Action Controller. I'm kind of torn here.

For those of you interested, heres the plugin to check the Acl and Auth

Code: Select all

 
class Northern_Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    protected $_auth;
    protected $_acl;
 
    protected $_noauth = array(
        'controller' => 'login',
        'action' => 'index'
    );
 
    public function __construct(Zend_Auth $auth, Zend_Acl $acl)
    {
        $this->_auth = $auth;
        $this->_acl = $acl;
    }
 
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        if ($this->_auth->hasIdentity()) {
            $role = $this->_auth->getIdentity()->getUser()->role;
        } else {
            $role = 'guest';
        }
 
        $resource = $request->getControllerName();
        if (!$this->_acl->has($resource)) {
            $resource = null;
        }
 
        if (!$this->_acl->isAllowed($role, $resource, $request->getActionName()) || !$this->_auth->hasIdentity()) {
            $request->setControllerName($this->_noauth['controller']);
            $request->setActionName($this->_noauth['action']);
        }
    }
}

Re: Zend Framework Acl and Auth

Posted: Sun Jul 22, 2007 6:54 am
by playtek
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi, I was browsing google for some way to include acl into a predispatch and i found your code.
I'm just starting with zend framework and your post give my some light (simple and easy to understand).
I just changed one thing, I need to work :

Code: Select all

if ($this->_auth->hasIdentity()) {
                        $role = $this->_auth->getIdentity()->credencial;
                } else {
                        $role = 'guest';
                }
where credencial is the role, wrote on storage.

And the real reason for this post is for say thank you for this aproach :D


Bye!


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Wed Sep 19, 2007 6:39 pm
by Luke
You ever figure this out jcart?