Question

I've just started using Zend_ACL to restrict access to certain controllers based on user roles. It's working pretty well, except that now I need to set it up so that users can only access their own records. For example, my application allows people to make bookings. I need to use the ACL to restrict users so that they can only view their own bookings in the application, while administrators can see all bookings.

I read about using assertions, but somehow I think I've been using my models the wrong way. Here is how I set up a typical model.

<?php

class Model_Bookings extends Zend_Db_Table {

  //class Variable
  protected $_name = 'bookings';
  protected $_primaryKey = 'id';

  function _toArray($a, $index='id', $value='title') {
  }

  function add($data) {
  }

  function update($data) {
  }

  function delete($id) {
  }


  function get($id = false, $options = false) {

  }

}

?>

The model in this case doesn't correspond to a single instance of the booking object :( How can I use such a model when restricting views using ACL, i.e. how can I set it up so that when the user goes to the list of bookings he sees only his bookings? Do I need to do some major refactoring here? Please help.


Solution

I'm afraid I'm not answering your question, but here are some really good articles to read. Maybe you'll find help there:
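
As an added example (not part of the original question or answer, and not code from Zend Framework itself), here is one way to express "users may view only their own bookings" with a Zend_Acl assertion. The App_User, App_Booking and App_Assert_OwnsBooking classes and the user_id column are hypothetical names chosen for illustration.

```php
<?php
// Added example. Assumes Zend Framework 1 on the include path; App_* classes
// and the bookings.user_id column are hypothetical.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';
require_once 'Zend/Acl/Assert/Interface.php';

// The logged-in user as a role object, so the assertion can read its id.
class App_User implements Zend_Acl_Role_Interface
{
    public $id;
    public $role;
    public function __construct($id, $role) { $this->id = (int) $id; $this->role = $role; }
    public function getRoleId() { return $this->role; }
}

// One booking row wrapped as a resource object.
class App_Booking implements Zend_Acl_Resource_Interface
{
    public $ownerId;
    public function __construct(array $row) { $this->ownerId = (int) $row['user_id']; }
    public function getResourceId() { return 'booking'; }
}

class App_Assert_OwnsBooking implements Zend_Acl_Assert_Interface
{
    public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null,
        Zend_Acl_Resource_Interface $resource = null, $privilege = null)
    {
        // Fail closed if isAllowed() was called with plain string ids.
        return $role instanceof App_User
            && $resource instanceof App_Booking
            && $role->id === $resource->ownerId;
    }
}

$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('user'))
    ->addRole(new Zend_Acl_Role('admin'))
    ->addResource(new Zend_Acl_Resource('booking'));
$acl->allow('admin', 'booking');   // administrators: every booking
$acl->allow('user', 'booking', 'view', new App_Assert_OwnsBooking());

$row = array('id' => 1, 'user_id' => 8);   // constructed sample row
foreach (array(new App_User(8, 'user'), new App_User(7, 'user'), new App_User(1, 'admin')) as $u) {
    printf("user %d (%s): %s\n", $u->id, $u->role,
        $acl->isAllowed($u, new App_Booking($row), 'view') ? 'allowed' : 'denied');
}
```

The assertion covers single-record actions. For the list page an ACL check cannot filter rows, so for non-admin users the query itself has to be constrained to the user's id.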

Licensed under: CC-BY-SA with attribution