I think your articles should implement the Resource_Interface and your users
should implement the Role_Interface. The article/resource will have
knowlnedge about who its creator is and since both objects are passed to the
assertion you could then simple do something like:
if ($article->ownerId == $role->userId) { echo "this is allowed"; }
It's more or less what you proposed earlier, but without the need for static
variables.
And if a resource/article has also knowledge about the category it's in you
could also decide that it requests the owner-id of the category and use
that.
-----
http://devshed.excudo.net http://devshed.excudo.net
--
View this message in context:
http://www.nabble.com/Using-ACL-asserts-to-validate-access-to-specific-instances-of-a-generic-resource-tp19678452p19686252.html
Sent from the Zend Framework mailing list archive at Nabble.com.
