Hi All. Using PHP and Zend_ACL, I want to create an extremely flexible permissions system. I want to be able to assign permissions to all objects of a certain type, as well as to instances of those objects. If a specific instance of an object is queried and it doesn't exist in the resource tree then the permission set for the 'generic' o...
how should i implement Zend_Acl_Resources? do i have something like: $acl->isAllowed() in controller actions? i somehow think there maybe a better way ... but cant think of it. ...
Sorry this is a pretty long question, but i want to have some disucssions here. i am new to zend and try to avoid using modules as I think the view aspect of zend is pretty flexible and module will add extra directory and confusion. However i am wondering one thing. The app i am building is pretty big it actually has the modules concep...
CONTEXT I have just been reading about Zend ACL http://framework.zend.com/manual/en/zend.acl.html QUESTION I'm running three Zend applications on one server. My Front End App My Front End-Members App My Back End App (Site Owner's Admin) Within the applications I'm considering having two types of ACL. Application Wide ACL - ''ap...
I have a role-based permissions system where I am not sure Zend_Acl is necessary, so I'd like to ask if I am right. The web applications in question doesn't have a separate admin screens, all controllers/actions are accessible to anyone. So I can't imagine what I can call a "resourse" in such open system. But some user roles can see gr...
I have a database driven navigation mainly composed of two tables: menus and a menu_items, this works out fine for purely "static" links but now I need to have a dynamic link ( login/logout ). My menu_items table is just composed of links to pages manually added in the admin. So now I need to adjust the table and model possibly such tha...
Hey guys, I'm starting with Zend, and trying to understand the way it works (getting there), and with Acl classes, people seem to declare all the roles and resources in one file. Now to me this seems a bit of a waste of system resources if the person is only logging in as a basic user, or even just a guest/visitor to the site. So I was t...
Context: My questions pertain to a forum I'm developing pretty much exactly like SO, where there are: guests who have access to view threads but can't reply or vote members who, with enough rep, can edit/vote others threads, and by default they can reply and have the same privileges as guests admins who can pretty much do anything I...
I am working on a web application where different user groups have different access to resources. So far nothing special I guess, but there is a caveat; the application is divided into "domains" so that each of our client organizations has their own content. Here I am using a simpler model to illustrate my problem. Each domain has the...
Background information: I'm in my admin module, and I created a view helper in modules/admin/views/helpers/AdminPanel.php. I have a layout plugin that forces my view to use the layout in admin/views/layouts/default.phtml. I'm trying to access my ACL object to determine whether or not the user has resources in the context of a view help...
I have based my application upon the Zend Framework. I am using Zend_Auth for authentication, but I'm not sure if Zend_Acl will work for me because, frankly, the examples I've seen are either too simplistic for my needs or confuse me. I'm thinking of elements in my application as Resources and these Resources can have have Privileges. ...
Has anyone succesfully integrated Zend_Auth and Zend_Acl with Zend_Amf_Server? I'am looking for a working example. ...
I'm using Zend_Navigation and am trying to integrate it with Zend_Acl. Each page in the navigation has a privilege attribute. What I can't determine is how to define multiple privileges for a single page. Use case: A page that is for managing users. I want to display that page (in navigation) if the current signed in user's role has ...
Hi all, I got an issue setting up Zend_Acl, I got it pretty well setup and running but I realised that in some forms where I'm using zend_dojo, dojo doesn't actualy gets loaded. Without going to I have setup my access list, as soon as I call the line isAllowed with the name of the resource taken from the request object, dojo is not loa...
First sorry about the woffle as I'm not sure how best to describe this. Basically I am not sure how I can get param in the bootstrap before the controller is loaded, but here is the long winded version... I have got an acl class storing all my default resources in. All my page/post content is a database and I want the admin the ability ...
hello all if we have some modules in our application how we could create Model based ACL by zend framework for each models? thanks ...
Hello, I'm contemplating using Zend_ACL. However, to me it looks like you create roles and then give those roles permissions to controllers and actions they can or cannot access. However, to me that seems fairly limited. I have created a user permission system in the past where I stored the user_id, the module, the controller and the a...
Here is my route in JSON: "jobs": { "type":"Zend_Controller_Router_Route", "route":"/jobs/:action/:id/*", "defaults": { "module":"api", "controller":"jobs", "action":"index", "id":0 } } This allows for URIs like the following and works perfectly well so far: /jobs/ -> action=index, id=0 /jobs/v...
I have an application that is behind a login and utilizes zend_acl and zend_auth. During pre-dispatch I have an ACL plugin that creates all the rules out for the ACL. I also have an Auth plugin that checks if you're logged in or not and if so if you have access to the requested resource according to the ACL. As the application is entir...
i am using Zend Framework Zend_Acl i am wanting to throw an exception when the user is denied access to a resource. which exception class do i use? ...