FYI, if you havent seen this already, its definitely worth a look:
http://devzone.zend.com/article/4601
There are a couple of PDF's linked in there, the most helpful being the
main one about the dispatch cycle.
Cheers!
ralph
Jon Lebensold wrote:
It's postings like this that keep me on the mailing list. Thanks Mon Zafra!
j
On Fri, Jul 17, 2009 at 3:20 AM, Muhammad Ali <imjob.org
<http://imjob.org>@live.com <http://live.com>> wrote:
Hi J
I am not sure if it would help but I am using
Zend_Controller_Plugin_Abstract and registered in Bootstrap and
works fine.
function _initPlugins(){
Zend_Controller_Front::getInstance()->registerPlugin(new
Plugin_ControllerAcl());
}
Thanks
*From:* J DeBord <mailto:[email protected]>
*Sent:* Friday, July 17, 2009 8:02 AM
*To:* Zend Framework General <mailto:[email protected]>
*Subject:* Re: [fw-general] Zend_Acl When / Where to check your ACL?
On Fri, Jul 17, 2009 at 8:58 AM, Muhammad Ali <imjob.org@
<mailto:[email protected]>live.com <http://live.com>> wrote:
Hi
I think you need to add the error resource to the Acl and allow
full access to error controller.
You do need to do this, but I was having another issue. It was
related to when the ACL is being checked, not the access rules
themselves.
Thanks
*From:* Mon Zafra <mailto:[email protected]>
*Sent:* Friday, July 17, 2009 7:00 AM
*To:* Zend Framework General <mailto:[email protected]>
*Subject:* Re: [fw-general] Zend_Acl When / Where to check your ACL?
The plugin preDispatch() is invoked earlier than the helper
preDispatch(). The order kinda looks like this:
plugins.routeStartup()
router.route()
plugins.routeShutdown()
plugins.dispatchLoopStartup()
[loop]
plugins.preDispatch()
[if controller exists]
controller.init()
helpers.preDispatch()
controller.preDispatch()
controller.action()
controller.postDispatch()
helpers.postDispatch()
[/if]
plugins.postDispatch()
[/loop while request.isDispatched is false]
plugins.dispatchLoopShutdown()
The problem with the ACL plugin is that the checking is done
before the dispatcher could determine if the controller class
being requested exists. There are a couple of ways to solve this:
- pull the dispatcher object from the front controller, test
$dispatcher->isDispatchable($request) in your plugin and act
accordingly. Basically, you duplicate the logic in the
dispatcher dispatch().
- defer the checking until after the controller has been
instantiated but before the action.
You have three places to do the latter: controller init(),
helper preDispatch() and controller preDispatch(). Two of those
require you to extend a different base controller. I prefer
doing it in a helper since I might want to have other logic in
some of my controller hooks so I don't have to remember calling
parent::init() or preDispatch().
-- Mon
On Fri, Jul 17, 2009 at 12:59 PM, J DeBord <[email protected]
<mailto:[email protected]>> wrote:
2009/7/16 Vladas Diržys <[email protected]
<mailto:[email protected]>>
Why an action helper, why not a plugin?
I'd like to know as well. Is an action helper more
appropriate for the case I described, or should an action
helper always be used for Authorization ( Zend_Acl anyways)?
In genral, what is the difference beteween front controller
plugins and action helpers. When would you use one instead
of the other?
To give Vladas a short answer based on my case, the front
controller plugin did not provide the functionality I
wanted. An action helper did.
Thanks a lot,
J
<http://www.dirzys.com>
On Thu, Jul 16, 2009 at 14:24, Matthew Weier O'Phinney
<[email protected] <mailto:[email protected]>> wrote:
-- J DeBord <[email protected]
<mailto:[email protected]>> wrote
(on Thursday, 16 July 2009, 09:30 AM +0200):
> I created a front controller plugin for checking
my ACL against the user's
> role. It first checks Zend_Auth for an identity.
If an identity exists, it
> grabs the identity's role. If no identity exists,
it uses 'guest' as the
> default role. I hooked into the preDispatch()
method of the front controller
> plugin.
>
> This works, except that I've lost my "page not
found functionality". So I get
> "resource not found" or "not authorized" message
when requests for non
> existance controllers or actions are made.
>
> Would it be better to have the controllers extend
a "BaseController" that does
> the ACL checks in the init() method?
>
> What is the preferred way or best practice for
running the ACL checks?
Use an action helper with a preDispatch() hook, and
register it in your
bootstrap. :)
--
Matthew Weier O'Phinney
Project Lead | [email protected]
<mailto:[email protected]>
Zend Framework | http://framework.zend.com/
