ansaurus

Question

Zend Framework: preDispatch ACL plugin causes requests to non existent page to Access Denied instead of 404

Answer 1

+1 A:

I had the same issue and added this to the preDispatch function (using modules though, but it's the $acl->has() function that is interesting):

if (!$acl->has($request->module . '_' . $request->controller)) {
    // action/resource does not exist in ACL
    $request->setModuleName('default');
    $request->setControllerName('error');
    $request->setActionName('notfound');
} else {
    // resource does exist, check ACL
    if (!$acl->isAllowed($role, $module . '_' . $controller, $action)) {
        $request->setControllerName('user');
        $request->setActionName('login');
    }
}

zwip 2010-08-06 10:12:25

i havent tried this solution, but i think it will work, except that i did not define acl rules for non protected page. so i think the solution i might use is: `if (!acl->has('xxx')) { return true }`. this way, the request will continue to be processed and likely result in a 404

jiewmeng 2010-08-06 11:06:07

hey wait a min! i actually already have this setup, thats why it looks so familiar, that check, checks the resource, the action is in the privilege, and that is where the problem lies now.

jiewmeng 2010-08-06 12:36:57

You could also try to modify your ErrorController to catch and redirect an access denied error to your 404 view.

zwip 2010-08-06 14:27:34

ansaurus

tags:

views:

answers:

Zend Framework: preDispatch ACL plugin causes requests to non existent page to Access Denied instead of 404

update

related questions