Drew Fulton
Reputation: 203
Zend Framework ACL Roles and Modules
I am going insane trying to distinguish between the Index controller and Index action in my Admin Module and the Index controller and Index action in my Default module using ACL.
I want logged in users to be able to have access to the Default Module's index controller but not the admin module at all. No matter what I try, if I allow access to the default module's index, the admin modules index is available as well.
Any suggestions would be greatly appreciated. Thank you
Upvotes: 3
Views: 4823
Answers (1)
Optimus
Reputation: 1835
Define your resources as module-controller and privileges as action then you can have something like this
...
// Default module, index controller
$this->addResource(new Zend_Acl_Resource('default-index'));
// Admin module, index controller
$this->addResource(new Zend_Acl_Resource('admin-index'));
// Allow user to access default module, index controller, index and about actions
$this->allow('user', 'default-index', array('index', 'about'));
// Allow admin to access admin module, index controller, all actions
$this->allow('admin', 'admin-index');
...
[EDIT] And in your controller plugin predispatch
...
$module = $request->getModuleName();
$controller = $request->getControllerName();
$action = $request->getActionName();
$resource = "{$module}-{$controller}";
if ($acl->has($resource)) {
if (!$acl->isAllowed($role, $resource, $action)) {
}
}
...
Upvotes: 5
Related Questions
- ZEND_ACL solution in the module based application
- Zend Framework 2 ACL implementation
- Zend module specific ACL
- Access control in zend framework
- Zend ACL with Modules and Controller access issues
- Zend Framework double Acl Resources with Modules
- Zend_Acl, Zend_Auth and Modules
- How to setup Module Specific ACL Resource?
- Zend framework ACL question
- PHP, ZF: Zend_Acl for module-controller-action