This happens before the actual action itself and so is an ideal
place for the check. We need to populate the Acl object with the rules to be checked at preDispatch(). As this
needs to be done earlier in the process, the init() function is where this needs to be done. In this case, the rules
are controller-specific and so are written within each controller as required. Figure 6.5 shows the complete
flow from requesting access to a controller??™s action to gaining access.
Licensed to Menshu You
Please post comments or corrections to the Author Online forum at
http://www.manning-sandbox.com/forum.jspa?forumID=329
Figure 6.5. Zend_Auth and Zend_Acl working together to provide access to a controller action
The action controller is called Places_Controller_Action_Helper_Acl and is too long to list out completely
here, so we??™ll look at the bits that do the real work. The class handles two important functions: providing a
controller-centric interface to the underlying Acl object and performing the actual authentication. As the class
is quite long, we??™ll look at it three sections. Listing 6.10 shows the class skeleton and the initial set up required.
Listing 6.10: Setting up the Acl action helper
class Places_Controller_Action_Helper_Acl extends
Zend_Controller_Action_Helper_Abstract
{
protected $_action;
protected $_auth;
protected $_acl;
protected $_controllerName;
public function __construct(Zend_View_Interface $view = null,
array $options = array())
Licensed to Menshu You
Pages:
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206