-- Ehask71 <[email protected]> wrote
(on Tuesday, 24 February 2009, 12:25 PM -0800):
>
> I have an app I am working on and need some help understanding the Docs.
>
> $acl->allow('staff', 'member', array('edit', 'submit', 'revise'));
>
> This allows staff access to member resource but where do I set privileges
> like edit,submit,revise??
>
> I have read and reread the ZF Docs on Acl. I must be missing something
You just did -- define the privileges, that is. :)
No, really, it's that simple. There are interfaces for roles and
resources, but privileges are defined when you actually create the rules
using allow() and deny() -- and they're simply strings.
Later, when you *query* the ACLs to see if a given role has rights, you
use the same privilege strings:
if ($acl->isAllowed($role, $resource, $priv)) {
}
> In my specific case I have an app that has a ProfileController in Member
> module well everyone including guests can see the IndexAction but I dont
> want guests having access to
>
> editAction or others in the ProfileController
>
> // Resources
> $this->add(new Zend_Acl_Resource('member'));
> $this->add(new Zend_Acl_Resource('profile'), 'member');
> // Rules
> $this->allow('guest','default');
> $this->allow('guest','profile',array('index'));
--
Matthew Weier O'Phinney
Software Architect | [email protected]
Zend Framework | http://framework.zend.com/
