Integration of Zend_Acl and MVC. Part 1 (simple usage)

so what is wrong with Zend_Acl and the current MVC implementation in the Zend Framework? There's nothing wrong, just not too obvious for developers how to achieve optimal integration between these two important parts of the framework.

First, this article is based on the next sentence (link), currently pending recommendations.
Well, how does it work? There are two main components in this proposal:
    the
  1. the Plugin from the front controller (Front Controller Plugin): this component decides whether the current user access to the opened page.
    2. the
  2. Assist steps (Action Helper): This component allows you to check if the current user has access inside of the controller.

Based on these two components, let's try the example. Let's talk about the website like DevZone.
We will need a controller to manage users and another controller for articles, as well 3 types of users (roles): one for guests, one for authors and another for approval of articles. In total, we have:

Resources:
    the
  1. Controller users.
    2. the
  2. Controller articles.

Role:
    the
  1. Guest (Guest).
    2. the
  2. Author (Writer).
    3. the
  3. Administrator (Admin).

the

setup Zend_Acl component


After determining what we need to do, the next step is creating an instance of Zend_Acl, an expression of our model.
the 
/** Creating the ACL object */ 
require_once 'Zend/Acl.php'; 
$myAcl = new Zend_Acl();

the

Creating roles


Now we will create the roles in our copy Zend_Acl.
the 
/** Creating Roles */ 
require_once 'Zend/Acl/Role.php'; 
$myAcl- > addRole(new Zend_Acl_Role('guest')) 
->addRole(new Zend_Acl_Role('writer'), 'guest') 
->addRole(new Zend_Acl_Role('admin'), 'writer');

the

Creating resources


Create the necessary resources (one per controller), as well as their relations with the roles created by us.
the 
/** Creating resources */ 
require_once 'Zend/Acl/Resource.php'; 
$myAcl- > add(new Zend_Acl_Resource('user')) 
- >add(new Zend_Acl_Resource('article'));

the

privileges


Now we have added roles and resources in our instance of Zend_Acl, it is time to explain what actions should be available to any roles.
    the
  1. Guests can't edit, add and publish articles.
    2. the
  2. Authors can publish articles.
    3. the
  3. Administrators have full access.

the 
/** Creating permissions */ 
$myAcl- > allow('guest', 'user') 
->deny('guest', 'article') 
->allow('guest', 'article', 'view') 
->allow('writer', 'article', array('add', 'edit')) 
->allow('admin', 'article', 'approve');

the

creating a page that is displayed when no access


We will need to create representation (view) and action (action) on which we will forward all users who have enough privileges. First, we will create a new action in our controller errors:
the 
class ErrorController extends Zend_Controller_Action 
{ 
.... 

public function deniedAction() 
{ 
} 

.... 
}

Then we will create our view file (/application/views/scripts/error/denied.phtml) with some warning message:
the 
 
<h1>Error</h1> 
<h2>Access denied</h2> 
<p>You are trying to access an area which you have not allowed.</p>

the

power settings


Well, we set up our copy Zend_Acl. The next step is to register the plugin controller. This is an important part created by us takes the Zend_Acl instance and checks whether the current page to the user.
the 
/** Setting up the front controller */ 
require_once 'Zend/Controller/Front.php'; 
$front = Zend_Controller_Front::getInstance(); 
$front- > setControllerDirectory('path/to/controllers'); 

/** Registering the Plugin object */ 
require_once 'Zend/Controller/Plugin/Acl.php'; 
$aclPlugin = new Zend_Controller_Plugin_Acl($myAcl); 
$aclPlugin- > setRoleName($currentUserRole); 

$front- > registerPlugin(new Zend_Controller_Plugin_Acl($acl, 'guest')); 

/** Dispatching the front controller */ 
$front->dispatch();

After completing the settings, as soon as the user logs into our application, depending on his/her role will either be shown the requested page, or a page with an access denied message.

For more detailed familiarization with the topic, you can read the following:
Zend_Acl &MVC Integration
Source Code

Crosspost: http://lobach.info/develop/zf/zend_acl-and-mvc-integration-part-i/
Article based on information from habrahabr.ru

Комментарии

Отправить комментарий

Популярные сообщения из этого блога

Integration of PostgreSQL with MS SQL Server for those who want faster and deeper

Изображение
Recently habré was already published integration PostgreSQL and MSSQL. But, items there is categorically not enough. Therefore, the objectives of this publication are the following: the the to broaden and deepen publicly available information about FDW for MSSQL-called tds_fdw to tell the difference in major versions and describe basic compatibility issues; the to talk about the possibilities of optimization of queries that use the foreign table; the to address the subject of caching external data in a materialized view; the to say a few words about the exotic ways to integrate PostgreSQL and MSSQL. the Installing and configuring TDS FDW The guys from PostgresPro already sufficiently said about this process, I will not repeat. Will leave a few links to the official PostgreSQL documentation and examples from tds_fdw: the the creating an extension (extension) in PG: off.dokumentacija ; the server: off.documentation , example of tds_fdw ; the creating
Далее...

Custom database queries in MODx Revolution

This topic will certainly be useful for those who have quite a lot of projects on MODx Revolution, as with the usual sites of business cards is enough and the standard working methods of a La $modx- > getObject() , $modx->getCollection() , etc., and these methods are inherently not just a job database, but also with the objects of MODx. When working with large projects methods a La $modx- > getCollection() for us is not the best solution for two reasons: 1. The overexpenditures. These methods are not just getting data from DB, but also create instance of the retrieved objects. In this case, getting information about 10000 documents, we get 10000 objects of modResource that it is not very cool. 2. The task is complicated by the count of records. In addition to the direct difficulties of counting even at the query level, even if you get 10 records of the same document (for example), MODx will return as a result only one object modResource. Although often that will su
Далее...

Parse URL in Zend Framework 2

Objective: the Have a method to disassemble the components of the string containing the URL. The string can contain both absolute and relative URLS and both these options should be correctly parsed. the And in the drain, let's say the "wrong" format absolute links without "http://". Further in the text links to the "wrong" format will be called partial absolute references . the Implement support for the "RF" domain. the Example: site.ru/page.php /page.php site.ru/page.php the scheme http the host site.ru site.ru the path page.php page.php page.php Implementation of paragraphs 1 and 2 of our problem In this we should help the class Zend\Uri\Http . He has we need methods parse($uri) , getHost() , getPath() , etc. But! When we parse the URL and type " site.ru/page.php " (without the " http:// ") getHost() will return an empty string and getPath()
Далее...