hello Joseph, i think you have to make an overview about your modules,controllers and actions, so after that, you have your ACL resources (module + controller = resource) and your privileges (actions).
Example: There are 2 classes: BlogController, BlogCommentController and each class has the following methods: viewAction, editAction, deleteAction, approveAction. So, the resources for your ACL object are "blog" and "blog-comment". The dash is important, because of camelCased name "BlogComment" and the zf method getControllerName() returns a dash seperated string for camelCase. Ok, so each Controller represents its own resource and they have the same actions (ACL privileges). Zend_Acl will not give "delete" access to a resource "blog", if there is "delete" access to a resource "blog-comment". They are different things. greets, David Joseph Crawford wrote: > > The Reference manual is a bit daunting when it comes to how to > implement this. > > I understand how to use the stuff based on the examples the question I > have is where all this goes. Is this put in the bootstrap file? > Does each controller need to have the ACL defined in there? > > The reason I ask is because I might have these actions for a blog > (view, edit, delete, approve) but I might also have those actions for > blog comments. > I might not want a user who has full privileges for the blog to be > able to do anything on the blog comments. > > Anyone know of a good tutorial / walkthrough that will show me these > things and hopefully answer these questions? > > Thanks, > Joseph Crawford > > -- View this message in context: http://www.nabble.com/ACL-Roles---Resources-tp17261893p17263210.html Sent from the Zend Framework mailing list archive at Nabble.com.
