The plugin preDispatch() is invoked earlier than the helper preDispatch().
The order kinda looks like this:
plugins.routeStartup()
router.route()
plugins.routeShutdown()
plugins.dispatchLoopStartup()
[loop]
plugins.preDispatch()
[if controller exists]
controller.init()
helpers.preDispatch()
controller.preDispatch()
controller.action()
controller.postDispatch()
helpers.postDispatch()
[/if]
plugins.postDispatch()
[/loop while request.isDispatched is false]
plugins.dispatchLoopShutdown()
The problem with the ACL plugin is that the checking is done before the
dispatcher could determine if the controller class being requested exists.
There are a couple of ways to solve this:
- pull the dispatcher object from the front controller, test
$dispatcher->isDispatchable($request) in your plugin and act accordingly.
Basically, you duplicate the logic in the dispatcher dispatch().
- defer the checking until after the controller has been instantiated but
before the action.
You have three places to do the latter: controller init(), helper
preDispatch() and controller preDispatch(). Two of those require you to
extend a different base controller. I prefer doing it in a helper since I
might want to have other logic in some of my controller hooks so I don't
have to remember calling parent::init() or preDispatch().
-- Mon
On Fri, Jul 17, 2009 at 12:59 PM, J DeBord <[email protected]> wrote:
>
>
> 2009/7/16 Vladas Diržys <[email protected]>
>
>> Why an action helper, why not a plugin?
>>
>
>
> I'd like to know as well. Is an action helper more appropriate for the
> case I described, or should an action helper always be used for
> Authorization ( Zend_Acl anyways)?
>
> In genral, what is the difference beteween front controller plugins and
> action helpers. When would you use one instead of the other?
>
> To give Vladas a short answer based on my case, the front controller plugin
> did not provide the functionality I wanted. An action helper did.
>
> Thanks a lot,
>
> J
>
>> <http://www.dirzys.com>
>>
>>
>>
>> On Thu, Jul 16, 2009 at 14:24, Matthew Weier O'Phinney
>> <[email protected]>wrote:
>>
>>> -- J DeBord <[email protected]> wrote
>>> (on Thursday, 16 July 2009, 09:30 AM +0200):
>>> > I created a front controller plugin for checking my ACL against the
>>> user's
>>> > role. It first checks Zend_Auth for an identity. If an identity exists,
>>> it
>>> > grabs the identity's role. If no identity exists, it uses 'guest' as
>>> the
>>> > default role. I hooked into the preDispatch() method of the front
>>> controller
>>> > plugin.
>>> >
>>> > This works, except that I've lost my "page not found functionality".
>>> So I get
>>> > "resource not found" or "not authorized" message when requests for non
>>> > existance controllers or actions are made.
>>> >
>>> > Would it be better to have the controllers extend a "BaseController"
>>> that does
>>> > the ACL checks in the init() method?
>>> >
>>> > What is the preferred way or best practice for running the ACL checks?
>>>
>>> Use an action helper with a preDispatch() hook, and register it in your
>>> bootstrap. :)
>>>
>>> --
>>> Matthew Weier O'Phinney
>>> Project Lead | [email protected]
>>> Zend Framework | http://framework.zend.com/
>>>
>>
>>
>
