"subclassing" the resources in ACL

ickmund · #1 (**permalink**) 01-21-2008, 05:01 PM

Sorry if the topic is misleading, I can't figure out a better way to describe it.

§ 2.2.1 in the ZF docs talk about setting up resources in a way that I can't quote see the benefit of.

PHP Code:


			
<?php

$acl->add(new Zend_Acl_Resource('news'));                 // news

$acl->add(new Zend_Acl_Resource('latest'), 'news');       // latest news

You would check if a user could view latest news with something like

PHP Code:


			
isAllowed('staff', 'latest', 'view')

The thing I don't understand here is what is gained using this method compared to setting up the resource with

PHP Code:


			
$acl->add(new Zend_Acl_Resource('latest news'));       // latest news

If I was to several different feeds, say 'news' and 'notices', and wanted to set up a 'latest' for both of those, checking isAllowed('staff', 'latest', 'view') wouldn't cut it anymore.

This wouldn't work:

PHP Code:


			
$acl->add(new Zend_Acl_Resource('news'));                 // news

$acl->add(new Zend_Acl_Resource('notices'));              // notices

$acl->add(new Zend_Acl_Resource('latest'), 'news');       // latest news

$acl->add(new Zend_Acl_Resource('latest'), 'notices');    // latest notices



isAllowed('staff', 'latest', 'view');

Is there a way to do something like "is allowed to view latest that subclass news"?

If not, why should you set up your resources like that?

I'm hoping I've made *some* sense... evaluating the framework, so I'm pretty new to it still...

//Magnus

frosty1 · #2 (**permalink**) 01-23-2008, 08:35 PM

the key there is that you can apply permissions based on either all of the actions in one controller, or specifiy which actions which person can access.

you might let everyone view the latest news, but you could restrict one action like news->memberOnly to members.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode