Question

I'm creating a Zend Framework 2 application and I'm sort of trying to implement what is explained here:

http://ralphschindler.com/2009/08/13/dynamic-assertions-for-zend_acl-in-zf

The demonstration that the code works is really nice, but it doesn't really apply to how a framework (utilizing MVC) works. Or maybe I'm just on the wrong track...

I've created a RouteListener like this:

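use Zend\EventManager\EventManagerInterface;
use Zend\EventManager\ListenerAggregateInterface;
use Zend\Mvc\MvcEvent;

class RouteListener implements ListenerAggregateInterface
{
    protected $listeners = array();

    public function attach(EventManagerInterface $events)
    {
        // Priority 100: checkAcl() runs before the default dispatch listener (priority 1)
        $this->listeners[] = $events->attach(
            MvcEvent::EVENT_DISPATCH, array($this, "checkAcl"), 100
        );
    }

    // detach() and checkAcl() are not shown in the question
}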

The method checkAcl then checks if you're allowed to do what you want to do.

The resource and action are determined like this:

$resource = $routeMatch->getParam("controller");
$action = $routeMatch->getParam("action");

And the role is determined by the identity stored in the session (which implements Zend\Permissions\Acl\Role\RoleInterface).

Following the example: how do I determine if a user is allowed to edit a certain blog post? By the time the ACL is doing its checking, the controller hasn't loaded the blog post yet, so I'm not sure how to approach this. Unless I duplicate the retrieval of the blog post in the assertion, but I'm hoping there is a better way.


Solution

I'm also using Doctrine for my persistence layer and in the end I've solved this problem using Doctrine's Lifecycle Events. This allows you to trigger the ACL check whenever you want: when an entity (e.g. a blog post) is loaded, or saved, etc.
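
An added illustration of the approach described in the answer above (not code from the original post): a Doctrine event subscriber that runs a Zend\Permissions\Acl check, with an ownership assertion, when an entity is loaded or about to be updated. The names OwnedResourceInterface, OwnerAssertion and AclSubscriber and the 'view'/'edit' privileges are assumptions.

```php
<?php
use Doctrine\Common\EventSubscriber;
use Doctrine\ORM\Event\LifecycleEventArgs;
use Doctrine\ORM\Events;
use Zend\Permissions\Acl\Acl;
use Zend\Permissions\Acl\Assertion\AssertionInterface;
use Zend\Permissions\Acl\Resource\ResourceInterface;
use Zend\Permissions\Acl\Role\RoleInterface;

// Hypothetical contract for entities (e.g. a blog post) that know their owner.
interface OwnedResourceInterface extends ResourceInterface
{
    public function isOwnedBy(RoleInterface $role);
}

// Dynamic assertion: the rule it is attached to applies only to the owner.
class OwnerAssertion implements AssertionInterface
{
    public function assert(Acl $acl, RoleInterface $role = null,
        ResourceInterface $resource = null, $privilege = null)
    {
        // Acl passes the original role/resource objects, not just their ids.
        return $role !== null && $resource instanceof OwnedResourceInterface
            && $resource->isOwnedBy($role);
    }
}

// Doctrine subscriber: checks 'view' on load and 'edit' before an update.
class AclSubscriber implements EventSubscriber
{
    private $acl, $identity;
    public function __construct(Acl $acl, RoleInterface $identity)
    {
        $this->acl = $acl;
        $this->identity = $identity;
    }
    public function getSubscribedEvents()
    {
        return array(Events::postLoad, Events::preUpdate);
    }
    public function postLoad(LifecycleEventArgs $args) { $this->check($args, 'view'); }
    public function preUpdate(LifecycleEventArgs $args) { $this->check($args, 'edit'); }

    private function check(LifecycleEventArgs $args, $privilege)
    {
        $entity = $args->getEntity();
        if ($entity instanceof OwnedResourceInterface
            && !$this->acl->isAllowed($this->identity, $entity, $privilege)) {
            throw new \RuntimeException("ACL denied: $privilege"); // fail closed
        }
    }
}
```

The assertion only runs for rules it is attached to, for example `$acl->allow('member', 'blog-post', 'edit', new OwnerAssertion())`, where 'member' and 'blog-post' are assumed ids returned by getRoleId() and getResourceId() and registered with addRole()/addResource(). The subscriber is registered with `$entityManager->getEventManager()->addEventSubscriber(...)`.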

Licensed under: CC-BY-SA with attribution