Constructor.>
(annotation) <#2. Initialisation.>
The functions allow() and deny() are used to set up the authentication rules for the controller. Typically
this is done in the controller's init() function. The view helper's versions of allow() and deny() simply fill in the
resource parameter for us and change the terminology from privileges to actions. Whilst that doesn't seem like
a lot, it makes much more sense when creating the rules in the controller, and hence long-term maintenance is
easier too.
For Places, we have different rules depending on the controller. For the index controller, we just want to
give everyone access, so the init() function is simply:
class IndexController extends Zend_Controller_Action
{
    public function init()
    {
        $this->_helper->acl->allow(null);
    }
    //... class continues...
For other controllers, the rules will be more complex. For example, listing 6.11 shows what is needed to
ensure that members cannot manage records within the Places Controller.
Listing 6.10: Acl action helper
class PlaceController extends Zend_Controller_Action
{
    function init()
    {
        $memberActions = array('index', 'details', 'reportError'); // #1
        $this->_helper->_acl->allow('member', $memberActions);
        $adminActions = array('add', 'edit', 'delete');            // #2
        $this->_helper->_acl->allow('admin', $adminActions);
    }
    //.
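The following is an added example, not code from the book: it writes the rules from the two init() functions above directly against Zend_Acl and prints which Place actions each role ends up with, which is a quick way to confirm that anything not explicitly allowed is denied. It assumes Zend Framework 1 is on the include_path, that the helper uses the controller name as the resource, and a guest/member/admin role hierarchy; the 'export' action is hypothetical.

```php
<?php
// Added example: requires Zend Framework 1 on the include_path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

$acl = new Zend_Acl();

// Assumed role hierarchy (not shown on this page):
// member inherits from guest, admin inherits from member.
$acl->addRole(new Zend_Acl_Role('guest'));
$acl->addRole(new Zend_Acl_Role('member'), 'guest');
$acl->addRole(new Zend_Acl_Role('admin'), 'member');

// Assumption: the helper fills in the controller name as the resource.
$acl->add(new Zend_Acl_Resource('index'));
$acl->add(new Zend_Acl_Resource('place'));

// IndexController::init(): allow(null) -> every role, every action.
$acl->allow(null, 'index');

// PlaceController::init(): actions are passed as Zend_Acl privileges.
$acl->allow('member', 'place', array('index', 'details', 'reportError'));
$acl->allow('admin', 'place', array('add', 'edit', 'delete'));

// 'export' is a hypothetical action with no rule, to show the default deny.
$actions = array('index', 'details', 'reportError',
                 'add', 'edit', 'delete', 'export');

// Print the effective permissions per role on the place controller.
foreach (array('guest', 'member', 'admin') as $role) {
    $allowed = array();
    foreach ($actions as $action) {
        if ($acl->isAllowed($role, 'place', $action)) {
            $allowed[] = $action;
        }
    }
    printf("%-6s place: %s\n", $role,
           $allowed ? implode(', ', $allowed) : '(none)');
}
```

Because Zend_Acl denies by default, a new action added to the controller stays inaccessible until a rule names it, and admin only reaches the member actions here through the assumed inheritance.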