Zend_Acl, Zend_Auth and Modules

Question

I am trying to get around Zend_Acl but had no success so far. I need help as I am really stuck. My situation is this:

I have two modules

• members
• administrators

and two roles

• member
• admin

I set up an Zend_Auth with a login that gets to the members module both the member and admin role. Both can do some stuff here but the admin role can also have access to the 'administrators' module where can do more administrator stuff.

I set up an Acl as follow:

$acl = new Zend_Acl();

$acl->addRole(new Zend_Acl_Role('member'));
$acl->addRole(new Zend_Acl_Role('admin'), 'member');

$acl->add(new Zend_Acl_Resource('members'));
$acl->add(new Zend_Acl_Resource('administrators'), 'members');

$acl->allow('member', 'members'); 
$acl->allow('admin',  'administrators');


$registry = Zend_Registry::getInstance();
$registry->set('acl', $acl);

I have saved this file and I am calling it in the index.php page.

Assuming the what I have done so far is correct, my problem is what to do next? It is the first time I deal with Acl and honestly I am a bit confused about the all think works. Could you please help? Thank very much in advance.

Answer 1

You have constructed the ACL object. You need to use it now, every time you need to check whether the current user has access to one of the resources.

To do so, you need to retrieve your ACL object from the registry:

$acl = Zend_Registry::get('acl');

And then query it:

if ($acl->isAllowed($yourUser, 'members')) {
  // Do the job
} else {
  // some message or redirection
}

You can see more details in the Zend_Acl documentation.

Hope that helps,