-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel Lo wrote:
> Hello Brenton,
>
> I think these questions may influence your decision...
>
> 1. What about admin access? (Typically god like access, irrelevant of
> permissions)
> 1a. What about the admin faking it as another user in attempt to reproduce the
> bug?
>
> 2. What about test code? Should your test code test both the model
> functionality and your security model?
>
> 3. Should other people be able to use these models without the security?
> 3a. Say you need to write some code to audit your models against your
> database.
> 3b. Or you want to obtain some statistical data.
> 3c. What about 3rd party access? Say you want to allow client X to view some
> data?
>
> You can also possibly do it both ways, I haven't really thought this out, but
> this may be possible.
>
> class MyModel {
> public function getTitle();
> }
>
> class MyModel_Secure {
> private $MyModel;
>
> public function __construct($acl, $args) {
> $this->MyModel = new MyModel($args);
> }
>
> public function getTitle() {
> if ( $acl->saysYes ) return $myModel->getTitle();
> throw new Exception("opps");
> }
> }
>
> This would handle both of your concerns at the same time. You get the
> benefits
> of an independent model layer, but you also get the security too. At twice
> the
> model count...
I appreciate the questions, they are things to consider, but I think the
point of my question is being missed. Maybe some code snippets will
help. I understand (I think) how and where to *query* the ACL, I have
the code along these lines:
class Guestbook_Service_Post implements Zend_Acl_Resource_Interface
{
public function savePost(Guestbook_Model_Post $post) {
$this->_authorizationService->enforce($this,
Guestbook_Service_Post::PRIVILEGE_CREATE);
/* ... save the post ... */
}
public function getResourceId()
{
return 'Guestbook_Post';
}
}
Where $this->_authorizationService is the Auth_Service_Authorization and
the enforce() method throws an exception if permission is denied to the
currently logged in user (Based on Zend_Auth).
The primary conundrum is, how can the Auth_Service_Authorization class
*instantiate* and *populate* the ACL? It would need to be aware of
Guestbook_Post resource, and the
Guestbook_Service_Post::PRIVILEGE_CREATE privilege, and assign those
privileges to whatever roles are defined by Auth_Service_Authorization.
But, on the other hand, how can Guestbook_Service_Post populate the ACL
if it doesn't know what roles are defined by Auth_Service_Authorization?
I don't know if I'm making the question any clearer, I feel like I'm
just going round in circles.
I think key to the whole issue is that I am trying to make the modules
(in the example, the guestbook module, but looking towards any module)
able to be dropped in to an application and work "out of the box". For
this application I will configure it in the module, thereby tying the
module to the application. Though a more generic solution would be nice
in the long run.
- --
Brenton Alker
PHP Developer - Brisbane, Australia
http://blog.tekerson.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAko+390ACgkQ7bkAtAithus/0gCgyGjzODQ/g6sbk9ee1SnR/LxH
yiwAoNBdnSW4BrBRfWBiRkzmRx+azBTU
=S6XL
-----END PGP SIGNATURE-----
