-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi,
I am working on the architecture of a new ZF application and have am questioning which module is responsible for assigning permissions to the ACL. I have an Auth module that manages the ACL for the application. The Auth module exposes an Authorization service, which is used by services of other modules to check the ACL. Does this seem like a good structure? But the main issue I'm seeking advice on is where the permissions should be set. The Auth module doesn't know about the resources of the other modules, and the other modules don't know about the roles defined in the Auth module. So should the application (aka. default module), which knows about both, assign the permissions? Does this violate the idea that permissions are business logic and thus should be defined in the model? Any insight appreciated, thanks. - -- Brenton Alker PHP Developer - Brisbane, Australia http://blog.tekerson.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAko9mzcACgkQ7bkAtAithuuRBgCeMxS2eZQjGdL+kvgKvB7loGUd 8L0AoJxOEjTQNmPv6xqwRjvRBFsUnsuG =oJCC -----END PGP SIGNATURE-----
