Hi all,
I have the following code to set up some fairly simple ACL rules:
PHP Code:
$this->addRole( new Zend_Acl_Role('guest') )
     ->addRole( new Zend_Acl_Role('unconfirmed'), 'guest' )
     ->addRole( new Zend_Acl_Role('user'), 'unconfirmed' )
     ->addRole( new Zend_Acl_Role('admin'), 'user' )
     ->addRole( new Zend_Acl_Role('owner'), 'admin' )
     ->addRole( new Zend_Acl_Role('god'), 'owner' );

$this->allow('guest', null, array('index', 'community', 'auth', 'register') )
     ->allow('unconfirmed', null, null)
     ->allow('user', null, 'create')
     ->allow('admin', null, 'admin')
     ->allow('owner', null, null)
     ->allow('god');
When I query the ACL using the following, I get true, which is not what I expect.
PHP Code:
$authorized = $this->isAllowed('user', null, 'admin');
echo ($authorized) ? 'true' : 'false';
Maybe I misunderstood something about Zend_Acl, but it seems like with the rules I have, a 'user' should not be able to access the 'admin' resource. Am I doing something wrong?
Thanks for any help,
Daniel
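
Added example, not part of the original post: in Zend_Acl the third argument of allow() and isAllowed() is a privilege, null means "all", and a role inherits its parents' rules, so the script below prints the decision for each role with and without the `allow('unconfirmed', null, null)` rule that 'user' inherits. It assumes Zend Framework 1 is on the include_path; `buildAcl()` and `$blanketUnconfirmed` are hypothetical names used only here.

```php
<?php
// Added example. Assumes Zend Framework 1 is on the include_path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';

// buildAcl() and $blanketUnconfirmed are hypothetical names for this example.
function buildAcl($blanketUnconfirmed)
{
    $acl = new Zend_Acl();

    // Each role inherits every rule of the parent named in the 2nd argument.
    $acl->addRole(new Zend_Acl_Role('guest'))
        ->addRole(new Zend_Acl_Role('unconfirmed'), 'guest')
        ->addRole(new Zend_Acl_Role('user'), 'unconfirmed')
        ->addRole(new Zend_Acl_Role('admin'), 'user')
        ->addRole(new Zend_Acl_Role('owner'), 'admin')
        ->addRole(new Zend_Acl_Role('god'), 'owner');

    // allow($roles, $resources, $privileges): null means "all".
    $acl->allow('guest', null, array('index', 'community', 'auth', 'register'));
    if ($blanketUnconfirmed) {
        // The rule from the post: all resources, all privileges.
        $acl->allow('unconfirmed', null, null);
    }
    $acl->allow('user', null, 'create')
        ->allow('admin', null, 'admin')
        ->allow('owner', null, null)
        ->allow('god');

    return $acl;
}

$roles      = array('guest', 'unconfirmed', 'user', 'admin', 'owner', 'god');
$privileges = array('index', 'create', 'admin');

foreach (array(true, false) as $blanketUnconfirmed) {
    echo $blanketUnconfirmed
        ? "With allow('unconfirmed', null, null):\n"
        : "Without allow('unconfirmed', null, null):\n";
    $acl = buildAcl($blanketUnconfirmed);
    foreach ($roles as $role) {
        $row = array();
        foreach ($privileges as $privilege) {
            // isAllowed($role, $resource, $privilege): 3rd argument is a privilege.
            $allowed = $acl->isAllowed($role, null, $privilege);
            $row[]   = $privilege . '=' . ($allowed ? 'allow' : 'deny');
        }
        printf("  %-12s %s\n", $role, implode('  ', $row));
    }
}
```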