Integration of Zend_Acl and MVC. Part 1 (simple usage)

so what is wrong with Zend_Acl and the current MVC implementation in the Zend Framework? There's nothing wrong, just not too obvious for developers how to achieve optimal integration between these two important parts of the framework.

First, this article is based on the next sentence (link), currently pending recommendations.
Well, how does it work? There are two main components in this proposal:
    the
  1. the Plugin from the front controller (Front Controller Plugin): this component decides whether the current user access to the opened page.
  2. the
  3. Assist steps (Action Helper): This component allows you to check if the current user has access inside of the controller.

Based on these two components, let's try the example. Let's talk about the website like DevZone.
We will need a controller to manage users and another controller for articles, as well 3 types of users (roles): one for guests, one for authors and another for approval of articles. In total, we have:

Resources:
    the
  1. Controller users.
  2. the
  3. Controller articles.

Role:
    the
  1. Guest (Guest).
  2. the
  3. Author (Writer).
  4. the
  5. Administrator (Admin).

the

setup Zend_Acl component


After determining what we need to do, the next step is creating an instance of Zend_Acl, an expression of our model.
the
/** Creating the ACL object */ 
require_once 'Zend/Acl.php'; 
$myAcl = new Zend_Acl(); 

the

Creating roles


Now we will create the roles in our copy Zend_Acl.
the
/** Creating Roles */ 
require_once 'Zend/Acl/Role.php'; 
$myAcl- > addRole(new Zend_Acl_Role('guest')) 
->addRole(new Zend_Acl_Role('writer'), 'guest') 
->addRole(new Zend_Acl_Role('admin'), 'writer'); 

the

Creating resources


Create the necessary resources (one per controller), as well as their relations with the roles created by us.
the
/** Creating resources */ 
require_once 'Zend/Acl/Resource.php'; 
$myAcl- > add(new Zend_Acl_Resource('user')) 
- >add(new Zend_Acl_Resource('article')); 

the

privileges


Now we have added roles and resources in our instance of Zend_Acl, it is time to explain what actions should be available to any roles.
    the
  1. Guests can't edit, add and publish articles.
  2. the
  3. Authors can publish articles.
  4. the
  5. Administrators have full access.

the
/** Creating permissions */ 
$myAcl- > allow('guest', 'user') 
->deny('guest', 'article') 
->allow('guest', 'article', 'view') 
->allow('writer', 'article', array('add', 'edit')) 
->allow('admin', 'article', 'approve'); 

the

creating a page that is displayed when no access


We will need to create representation (view) and action (action) on which we will forward all users who have enough privileges. First, we will create a new action in our controller errors:
the
class ErrorController extends Zend_Controller_Action 
{ 
.... 

public function deniedAction() 
{ 
} 

.... 
} 

Then we will create our view file (/application/views/scripts/error/denied.phtml) with some warning message:
the
 
<h1>Error</h1> 
<h2>Access denied</h2> 
<p>You are trying to access an area which you have not allowed.</p> 

the

power settings


Well, we set up our copy Zend_Acl. The next step is to register the plugin controller. This is an important part created by us takes the Zend_Acl instance and checks whether the current page to the user.
the
/** Setting up the front controller */ 
require_once 'Zend/Controller/Front.php'; 
$front = Zend_Controller_Front::getInstance(); 
$front- > setControllerDirectory('path/to/controllers'); 

/** Registering the Plugin object */ 
require_once 'Zend/Controller/Plugin/Acl.php'; 
$aclPlugin = new Zend_Controller_Plugin_Acl($myAcl); 
$aclPlugin- > setRoleName($currentUserRole); 

$front- > registerPlugin(new Zend_Controller_Plugin_Acl($acl, 'guest')); 

/** Dispatching the front controller */ 
$front->dispatch(); 

After completing the settings, as soon as the user logs into our application, depending on his/her role will either be shown the requested page, or a page with an access denied message.

For more detailed familiarization with the topic, you can read the following:
Zend_Acl &MVC Integration
Source Code

Crosspost: http://lobach.info/develop/zf/zend_acl-and-mvc-integration-part-i/
Article based on information from habrahabr.ru

Комментарии

Популярные сообщения из этого блога

Integration of PostgreSQL with MS SQL Server for those who want faster and deeper

Parse URL in Zend Framework 2

Custom database queries in MODx Revolution