The first approach we will take is to
protect specific controllers and actions for specific roles.
6.4.2 Configuring a Zend_Acl Object
As we have discovered, a fair amount of configuration of a Zend_Acl object is required before we can use it.
This means that we want to make the setting up as easy as possible. We can make it easier on ourselves by
storing the roles in our config.ini file. For each role, we need to store in its name and parent the INI file.
Therefore we enter them into the INI file as shown in listing 6.8.
Listing 6.8: Extended Zend_Acl object
acl.roles.guest = null | #1
acl.roles.member = guest |
acl.roles.admin = member |
(annotation) <#1. All roles are a child of acl.roles for easy reading back.>
To read the configuration file, we extend Zend_Acl to read from the roles from config object and into the Acl
object. The code do to this is shown in Listing 6.9.
Listing 6.9: Extended Zend_Acl object
class Places_Acl extends Zend_Acl
{
public function __construct()
{
$config = Zend_Registry::get('config'); #1
$roles = $config->acl->roles;
$this->_addRoles($roles);
}
protected function _addRoles($roles)
{
foreach ($roles as $name=>$parents) { #2
if (!$this->hasRole($name)) { #3
if (empty($parents)) {
$parents = null;
} else {
$parents = explode(',', $parents);
}
$this->addRole(new Zend_Acl_Role($name), $parents);
}
}
}
}
(annotation) <#1.
Pages:
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204