Thread: What is the best way to store Zend_Acl roles and resources?
View Single Post
  #1 (permalink)  
Old 09-17-2007, 12:25 AM
Specks Specks is offline
Junior Member
  
Join Date: Sep 2007
Posts: 1
Default What is the best way to store Zend_Acl roles and resources?
I was looking through the ZF Tutorials for the Zend_Acl class and came accross one that explained a good way of storing the roles and sources created by Zend_Acl. The documentation says that it's up to the programmer to create a way to store all this information.

Going through all the available methods I could come up with I found a few things that I needed cleared up. I understand that the class could be stored in a file after being serialized and then restored though unserialize. However storing the Acl in a file presents not only a scaling issue but also a security issue as far as creating a possible race condition for control over that file.

As far as the scaling issue goes. The file for a large site could become very large. This in of itself could present an issue as far as efficiency goes. Heavy access to a large file could bog a server down.

As for a race condition. When two processes access the same file and then deserialize it, make changes and then serialize it back to a file again. Neither of those procsses are aware of the changes the other one made. So one serializes and writes and then the other one does the same destroying the changes the first one made. Now we can prevent this by placing a read/write lock when changes are to be made. This presents another problem though. What happens when the locking process dies and the file is deadlocked? This could affect the operation of the site. Can't read the file, no roles, no permissions, no access to the site.

So then I thought each user could have their own file and the same problems cropped up again and more. If an admin makes a global change to a role then instead of just one file you have to deal with many. This throws that idea right out the window. It's completely inefficient.

So I'm on to the database concept. However I haven't much experience in dealing with Acls at all so I don't know what the best way to store all the information would be depending on how Zend_Acl deals with its data. How should the tables be built if you want to take advantage of Zend_Acl's full abilities? I don't understand Zend_Acl's structure well enough to be able to come up with a database structure.

Sorry for the rant. But I have a site that is aching to be built. I would appreciate any input on this. I did take a look at a tutorial and it was what I wanted to do. However It's a quick and dirty solution that won't scale well.

Specks
Reply With Quote