Need suggestings setting up Zend_Acl
-
12-10-2019 - |
Question
Suppose I have the classes/models
- Projects (has many lists)
- Lists
I want to allow only users that are collaborators of a project to be able to add lists. How do I do that. I know I should use Zend_Acl_Assert
but what do I pass as the resource. For edit/delete I will pass the list itself. For add it seems more like it should be a project. Which seems more correct if I move the ListsController#addAction()
to ProjectsController#addListAction()
? This is 1 possibility
But if I want to do something like ListsController#addAction()
how can I setup my acl?
$acl->allow('user', 'list', 'add', new assertClass());
Will pass 'list' as the resource. Can I somehow pass a project object instead? It does not seem to make sense tho
Solution
Can I somehow pass a project object instead?
As long as the object implements Zend_Acl_Resource_Interface
and has been registered in the ACL, you can use anything you want.
OTHER TIPS
Why are you passing the list for edit and delete, seems unnecessary? Doing it without the passing the list will work fine.
If you require extra checks, what I've done is add a ensurePermission check on my model preSave, which checks the ACL among other things to determine that it's all good.