So what's wrong with Zend_Acl and the current MVC implementation in the Zend Framework? Nothing is wrong; it is just not obvious to developers how to achieve optimal integration between these two important parts of the framework.
First, this article is based on the following proposal (link), which is currently at the "Awaiting recommendation" stage.
So how does it work? The proposal has two main components:
- Front Controller Plugin: This component decides whether the current user has access to the page being opened.
- Action Helper: This component allows you to check whether the current user has access inside the controller.
Let's try these two components on an example: a site like DevZone.
We will need a controller for managing users and another controller for managing articles, as well as 3 types of users (roles): one for guests, one for authors of articles and another for approving articles. In total, we have:
Resources:
- User controller.
- Article controller.
Roles:
- Guest.
- Author (writer).
- Admin.
Setting up the Zend_Acl component
After determining what we need to do, the next step is to create an instance of Zend_Acl that reflects our model.
/** Creating the ACL object */
require_once 'Zend/Acl.php';
$myAcl = new Zend_Acl();
Creating roles
We will now create roles in our Zend_Acl instance.
/** Creating roles */
require_once 'Zend/Acl/Role.php';
$myAcl->addRole(new Zend_Acl_Role('guest'))
      ->addRole(new Zend_Acl_Role('writer'), 'guest')
      ->addRole(new Zend_Acl_Role('admin'), 'writer');
Resource creation
We will create the necessary resources (one per controller), as well as their relationship with the roles we have created.
/** Creating resources */
require_once 'Zend/Acl/Resource.php';
$myAcl->add(new Zend_Acl_Resource('user'))
      ->add(new Zend_Acl_Resource('article'));
Privilege creation
Now that we have added roles and resources to our instance of Zend_Acl, it's time to define which actions are available to which roles.
- Guests cannot edit, add and publish articles.
- Authors cannot publish articles.
- Administrators have full access.
/** Creating permissions */
$myAcl->allow('guest', 'user')
      ->deny('guest', 'article')
      ->allow('guest', 'article', 'view')
      ->allow('writer', 'article', array('add', 'edit'))
      ->allow('admin', 'article', 'approve');
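A quick way to confirm that the rules above produce the intended access matrix, including role inheritance, is to check every role/privilege pair with Zend_Acl::isAllowed(). This is an added example, not code from the original article or the proposal; it assumes Zend Framework 1 is on the include_path, and the 'delete' privilege and the aclMismatches() helper are constructed for illustration.

```php
<?php
// Added example: assumes Zend Framework 1 is on the include_path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

// Same roles, resources and rules as in the article.
$acl = new Zend_Acl();
$acl->addRole(new Zend_Acl_Role('guest'))
    ->addRole(new Zend_Acl_Role('writer'), 'guest')
    ->addRole(new Zend_Acl_Role('admin'), 'writer');
$acl->add(new Zend_Acl_Resource('user'))
    ->add(new Zend_Acl_Resource('article'));
$acl->allow('guest', 'user')
    ->deny('guest', 'article')
    ->allow('guest', 'article', 'view')
    ->allow('writer', 'article', array('add', 'edit'))
    ->allow('admin', 'article', 'approve');

// Intended policy: privilege => roles that must be allowed on 'article'.
// 'delete' is a constructed privilege that no rule mentions.
$expected = array(
    'view'    => array('guest', 'writer', 'admin'),
    'add'     => array('writer', 'admin'),
    'edit'    => array('writer', 'admin'),
    'approve' => array('admin'),
    'delete'  => array(),
);

/** Returns one message per (role, privilege) pair that differs from $expected. */
function aclMismatches(Zend_Acl $acl, $resource, array $expected)
{
    $errors = array();
    foreach ($expected as $privilege => $allowedRoles) {
        foreach (array('guest', 'writer', 'admin') as $role) {
            $want = in_array($role, $allowedRoles, true);
            $got  = $acl->isAllowed($role, $resource, $privilege);
            if ($want !== $got) {
                $errors[] = sprintf('%s/%s/%s: expected %s, got %s', $role, $resource,
                    $privilege, $want ? 'allow' : 'deny', $got ? 'allow' : 'deny');
            }
        }
    }
    return $errors;
}

$errors = aclMismatches($acl, 'article', $expected);
echo $errors ? implode(PHP_EOL, $errors) . PHP_EOL : "ACL matches the intended policy\n";
exit($errors ? 1 : 0);
```

The 'delete' row shows that a privilege no rule names is denied for every role, admin included, so "full access" for administrators extends only to the privileges explicitly allowed along the inheritance chain.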
Creating the access-denied page
We will need to create a view and an action to which we redirect all users who do not have sufficient privileges. First, we will create a new action in our error controller:
class ErrorController extends Zend_Controller_Action
{
    // ...
    public function deniedAction()
    {
        // No logic needed here: the view script renders the message.
    }
    // ...
}
Then we will create our view file (/application/views/scripts/error/denied.phtml) with some warning message:
<h1>Error</h1>
<h2>Access denied</h2>
<p>You are trying to access a page you are not allowed to view.</p>
Complete setup
We have now set up our instance of Zend_Acl. The next step is to register a controller plugin. This important part takes the instance of Zend_Acl we created and checks whether the current page is accessible to the user.
/** Setting up the front controller */
require_once 'Zend/Controller/Front.php';
$front = Zend_Controller_Front::getInstance();
$front->setControllerDirectory('path/to/controllers');
/** Registering the plugin object */
require_once 'Zend/Controller/Plugin/Acl.php';
$aclPlugin = new Zend_Controller_Plugin_Acl($myAcl);
// $currentUserRole holds the role of the current user ('guest', 'writer' or 'admin')
$aclPlugin->setRoleName($currentUserRole);
// Register the configured plugin instance, not a new one
$front->registerPlugin($aclPlugin);
/** Dispatching the front controller */
$front->dispatch();
Once the configuration is complete, whenever a user enters our application, either the requested page or the access-denied page will be displayed, depending on their role.
For more information on the topic, you can read the following:
Zend_Acl & MVC Integration, and a small example: Source code
Crosspost:
http://lobach.info/develop/zf/zend_acl-and-mvc-integration-part-i/