Hi Pat, The third parameter of Zend_Acl::isAllowed() is not specifically for controller actions, though this would be a reasonable use case, where the requested controller action corresponds to a Zend_Acl privilege. Indeed, Zend_Acl is not only for controlling access to specific modules, controllers, and actions, but also should be quite suitable for use within ACL-aware data models, for example.
I believe that you can get the functionality you desire by structuring your resources into a tree, and taking advantage of rule inheritance, as Xing has already suggested. Best regards, Darby pat wrote: > Hi List, > > A few months ago I requested that the ACL unit allow some form of > globbing. But, The impending release made that impossible. Is now a > good time to consider resource globbing in the acl? What I have in mind > is the following: > //resource = *. controller.* > $this->_acl->isAllowed($role, $resource); > > > instead of this: > > !$this->_acl->isAllowed($role, $resource, $action); > > > In short, I'd like the ACL to work at the module level and include > globbing. > > Is this possible? > > cheers, > > pat > > > >
