php - How to add all actions under a controller as a resource in Zend Acl
I am trying to follow a tutorial on Zend Auth and Zend Acl using the 1.11 framework, link here!
I have set up the authentication and am able to use it with the controller::action pairs given in the acl.php page. Firstly, I would like to test 2 additional parameters on the users table, whether the user account is activated and whether the user has been banned by the administrator, before allowing access to the site. How do I implement this in the code?
Secondly, I would like to know how to include all actions under one controller for a user authorization level. I.e. I have a masters controller which has numerous actions under various tables. Could you tell me how to restrict access to all masters controller actions to the admin role only, without adding resources and allow resources for each action in acl.php? Also, please tell me if this logic can be extended to allow access on entire modules instead of just controllers (by one add resource and allow resource). If yes, how?
"Firstly, I would like to test 2 additional parameters on the users table, whether the user account is activated and whether the user has been banned by the administrator, before allowing access to the site."
The tutorial code uses a vanilla version of Zend_Auth_Adapter_DbTable, which uses a specific API for authentication. Making Zend_Auth work how you want is not difficult, but it will require some thought, as you'll need to implement Zend_Auth_Adapter_Interface. It sounds worse than it is; you only have to implement the authenticate() method. Here is an example of an auth adapter that can be used in place of Zend_Auth_Adapter_DbTable:
<?php
// some code truncated for length and relevance
class My_Auth_Adapter implements Zend_Auth_Adapter_Interface
{
    protected $identity = null;
    protected $credential = null;
    protected $usersMapper = null;

    public function __construct($username, $password, My_Model_Mapper_Abstract $userMapper = null)
    {
        if (!is_null($userMapper)) {
            $this->setMapper($userMapper);
        } else {
            $this->usersMapper = new Users_Model_Mapper_User();
        }
        $this->setIdentity($username);
        $this->setCredential($password);
    }

    /**
     * @return \Zend_Auth_Result
     */
    public function authenticate()
    {
        // fetch the user information according to the username
        $user = $this->getUserObject();
        if (is_null($user)) {
            return new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
                $this->getIdentity(),
                array('invalid username')
            );
        }
        // check whether or not the hash matches
        $check = Password::comparePassword($this->getCredential(), $user->password);
        if (!$check) {
            return new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID,
                $this->getIdentity(),
                array('incorrect password')
            );
        }
        // success!
        return new Zend_Auth_Result(
            Zend_Auth_Result::SUCCESS,
            $this->getIdentity(),
            array()
        );
    }

    // public function setIdentity($username)
    // public function setCredential($password)
    // public function setMapper($mapper)

    /**
     * @return object
     */
    private function getUserObject()
    {
        return $this->getMapper()->findOneByColumn('username', $this->getIdentity());
    }

    /**
     * @return object
     */
    public function getUser()
    {
        $object = $this->getUserObject();
        $array = array(
            'id'       => $object->id,
            'username' => $object->username,
            'role'     => $object->getRoleId()
        );
        return (object) $array;
    }

    // public function getIdentity()
    // public function getCredential()
    // public function getMapper()
}
You can modify the auth adapter to do pretty much anything you need.
As far as your access list is concerned, the thing to remember is that your resources are defined by a string. In the case of this tutorial the resource is defined as:
$this->add(new Zend_Acl_Resource('error::error'));
where the string on the left side of the colon represents the controller and the string on the right side of the colon represents the action. It's this line in the ACL plugin that tells us what the resources are:
if(!$acl->isAllowed($user->role, $request->getControllerName() . '::' . $request->getActionName()))
You can change this definition of what your resources represent to anything that works for you.
It's difficult to provide hard and fast rules on how to implement an ACL because it seems every project needs something different.
Look around the web and you'll find several different implementations of Zend Framework ACLs; some of them can be complex.
Here is one that might provide more insight. http://codeutopia.net/blog/2009/02/06/zend_acl-part-1-misconceptions-and-simple-acls/
Good luck.
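As an added example (not part of the answer above or of the tutorial's code), here is one way to change the resource definition so that a whole controller, or a whole module, is a single resource and the action is passed to isAllowed() as the privilege. It assumes Zend Framework 1.11 is on the include_path; the class My_Acl, the method isRequestAllowed() and every role, module and controller name are hypothetical.

```php
<?php
// Added example, not the answer's or the tutorial's code. Assumes ZF 1.11 on the
// include_path; My_Acl, isRequestAllowed() and all role/module names are hypothetical.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

class My_Acl extends Zend_Acl
{
    public function __construct()
    {
        $this->addRole(new Zend_Acl_Role('guest'));
        $this->addRole(new Zend_Acl_Role('user'), 'guest');
        $this->addRole(new Zend_Acl_Role('admin'), 'user');

        // Resources: one per module, controllers as "module:controller" children.
        $this->addResource(new Zend_Acl_Resource('default'));
        $this->addResource(new Zend_Acl_Resource('default:index'), 'default');
        $this->addResource(new Zend_Acl_Resource('default:masters'), 'default');
        $this->addResource(new Zend_Acl_Resource('reports'));

        // Zend_Acl denies whatever no rule allows. A rule without a privilege
        // list covers every action (privilege) of the resource.
        $this->allow('guest', 'default:index');
        $this->allow('admin', 'default:masters'); // all masters actions, admin only
        $this->allow('admin', 'reports');         // every controller in the module
    }

    // Checks the controller resource if it is registered, else the module resource.
    // Unknown roles and resources are denied instead of letting isAllowed() throw.
    public function isRequestAllowed($role, $module, $controller, $action)
    {
        if (!$this->hasRole($role)) {
            return false;
        }
        foreach (array($module . ':' . $controller, $module) as $resource) {
            if ($this->has($resource)) {
                return $this->isAllowed($role, $resource, $action);
            }
        }
        return false;
    }
}

// Constructed sample requests: role, module, controller, action.
$acl = new My_Acl();
var_dump($acl->isRequestAllowed('admin', 'default', 'masters', 'delete'));
var_dump($acl->isRequestAllowed('user', 'default', 'masters', 'index'));
var_dump($acl->isRequestAllowed('admin', 'reports', 'sales', 'export'));
var_dump($acl->isRequestAllowed('user', 'unknown', 'foo', 'bar'));
```

In the ACL plugin the arguments would come from $request->getModuleName(), $request->getControllerName() and $request->getActionName(). Because child resources inherit rules from their parent, an allow rule on a module resource also opens every controller registered under it unless that controller has its own deny rule.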