Permissions on actions and pages

Question

When using Zend_Acl, there is only a permission check on a specific module/controller/action ... Now, when I have custom urls for pages, not all pages have their own mdouel/controller/action. And I'd like people to see some pages but not all, there is no way to do this with Zend_Acl, correct? So should I create a new permissions system for the pages?

Answer 1

Zend_Acl will handle everything you need for access control. Your job is to define the resource and privileges. This means you can add permissions to any request. It sounds like you have an ACL algorithm that you copied from ZF manual or some other place online and your trying to adhere to that as if it is a standard. Zend_Acl never says you have to stick to their method.

Now, to your problem. Because you have the same module/controller/action for every page, you should treat that as one resource and then you could define page level privileges based on a param of your custom URL that you mentioned.

Simply stated, you can do this:

$acl->allow('role', 'Module:Controller:Action', array('UrlParams'));

Don't forget, Zend_Acl::allow is resource and privilege based NOT module/controller/action based. See below:

$acl->allow('role','resource',array('privileges'));

Answer 2

So check the permissions on all controller actions:

$this->allow('userGroup', 'controller');

in that way instead checks the permissions only and exclusively to a single controller action:

$this->allow('userGroup', 'controller', 'action');

I hope to check out a help