You could make a view helper. Here's mine, you'd need to adjust to taste:
class My_View_Helper_IsAllowed extends Zend_View_Helper_Abstract
{
public function isAllowed($resource = null, $privilege = null)
{
$front = Zend_Controller_Front::getInstance();
if ($front->hasPlugin('App_Controller_Plugin_Auth'))
{
$authPlugin =
$front->getPlugin('App_Controller_Plugin_Auth');
$identity = Zend_Auth::getInstance()->getIdentity();
$role = (!empty($identity) && isset($identity->id)) ?
'#user_'.$identity->id : null;
$retval = false;
try {
$retval = $authPlugin->acl->isAllowed($role,
$resource, $privilege);
}
catch (Exception $ex) { }
return $retval;
}
return false;
}
}
Then in the views you could do:
<?php if ($this->isAllowed('admin_user', 'index')) { ?>
<li> "<?=$this- url(array('module'=>'admin', 'controller'=>'user'),
null, true)?>">Manage Users
<?php } ?>
bytte wrote:
>
> I managed to set up authentication through Zend_Auth and access control
> through Zend_Acl. This works without any problem. However, I'd like to
> take things one step further.
>
> My view scripts sometimes display links to pages that are not accessible
> by the logged in user, because that user does not have the proper rights
> to view that page. Think of an "edit" link next to a blog article. If only
> the author of the article is allowed (via Zend_Acl) to edit the article,
> then it makes no sense to display the "edit" link to other users as well,
> as clicking on the link will only send them to a "not authorised" page.
>
> Is there a convenient way of dealing with this problem? I'm sure it's a
> common request so I was hoping someone could help me with it.
>
> Thanks in advance.
>
--
View this message in context:
http://www.nabble.com/Restricting-display-of-links-to-non-authorized-pages-in-view-scripts--how-to--tp20273593p20274511.html
Sent from the Zend Framework mailing list archive at Nabble.com.