I had not seen that Ralph. Thank you very much. After a few months getting to know the Framework (and frameworks in general) I finally have reached the point on the learning curve where I can really start understanding how things are working. Of course I still need great answers and examples. This article is really good. Thanks again.
J 2009/7/17 Ralph Schindler <[email protected]> > FYI, if you havent seen this already, its definitely worth a look: > > http://devzone.zend.com/article/4601 > > There are a couple of PDF's linked in there, the most helpful being the > main one about the dispatch cycle. > > Cheers! > ralph > > Jon Lebensold wrote: > >> It's postings like this that keep me on the mailing list. Thanks Mon >> Zafra! >> >> j >> >> On Fri, Jul 17, 2009 at 3:20 AM, Muhammad Ali <imjob.org < >> http://imjob.org>@live.com <http://live.com>> wrote: >> >> Hi J >> I am not sure if it would help but I am using >> Zend_Controller_Plugin_Abstract and registered in Bootstrap and >> works fine. >> function _initPlugins(){ >> Zend_Controller_Front::getInstance()->registerPlugin(new >> Plugin_ControllerAcl()); >> } >> Thanks >> >> *From:* J DeBord <mailto:[email protected]> >> *Sent:* Friday, July 17, 2009 8:02 AM >> *To:* Zend Framework General <mailto:[email protected]> >> *Subject:* Re: [fw-general] Zend_Acl When / Where to check your ACL? >> >> >> >> On Fri, Jul 17, 2009 at 8:58 AM, Muhammad Ali <imjob.org@ >> <mailto:[email protected]>live.com <http://live.com>> wrote: >> >> Hi >> I think you need to add the error resource to the Acl and >> allow >> full access to error controller. >> >> >> You do need to do this, but I was having another issue. It was >> related to when the ACL is being checked, not the access rules >> themselves. >> >> Thanks >> >> *From:* Mon Zafra <mailto:[email protected]> >> *Sent:* Friday, July 17, 2009 7:00 AM >> *To:* Zend Framework General <mailto:[email protected]> >> *Subject:* Re: [fw-general] Zend_Acl When / Where to check your >> ACL? >> >> >> The plugin preDispatch() is invoked earlier than the helper >> preDispatch(). The order kinda looks like this: >> >> plugins.routeStartup() >> router.route() >> plugins.routeShutdown() >> plugins.dispatchLoopStartup() >> [loop] >> plugins.preDispatch() >> [if controller exists] >> controller.init() >> helpers.preDispatch() >> controller.preDispatch() >> controller.action() >> controller.postDispatch() >> helpers.postDispatch() >> [/if] >> plugins.postDispatch() >> [/loop while request.isDispatched is false] >> plugins.dispatchLoopShutdown() >> >> The problem with the ACL plugin is that the checking is done >> before the dispatcher could determine if the controller class >> being requested exists. There are a couple of ways to solve this: >> >> - pull the dispatcher object from the front controller, test >> $dispatcher->isDispatchable($request) in your plugin and act >> accordingly. Basically, you duplicate the logic in the >> dispatcher dispatch(). >> - defer the checking until after the controller has been >> instantiated but before the action. >> >> You have three places to do the latter: controller init(), >> helper preDispatch() and controller preDispatch(). Two of those >> require you to extend a different base controller. I prefer >> doing it in a helper since I might want to have other logic in >> some of my controller hooks so I don't have to remember calling >> parent::init() or preDispatch(). >> >> -- Mon >> >> >> On Fri, Jul 17, 2009 at 12:59 PM, J DeBord <[email protected] >> <mailto:[email protected]>> wrote: >> >> >> >> 2009/7/16 Vladas Diržys <[email protected] >> <mailto:[email protected]>> >> >> Why an action helper, why not a plugin? >> >> >> I'd like to know as well. Is an action helper more >> appropriate for the case I described, or should an action >> helper always be used for Authorization ( Zend_Acl anyways)? >> >> In genral, what is the difference beteween front controller >> plugins and action helpers. When would you use one instead >> of the other? >> >> To give Vladas a short answer based on my case, the front >> controller plugin did not provide the functionality I >> wanted. An action helper did. >> >> Thanks a lot, >> >> J >> >> <http://www.dirzys.com> >> >> >> >> On Thu, Jul 16, 2009 at 14:24, Matthew Weier O'Phinney >> <[email protected] <mailto:[email protected]>> wrote: >> >> -- J DeBord <[email protected] >> <mailto:[email protected]>> wrote >> >> (on Thursday, 16 July 2009, 09:30 AM +0200): >> > I created a front controller plugin for checking >> my ACL against the user's >> > role. It first checks Zend_Auth for an identity. >> If an identity exists, it >> > grabs the identity's role. If no identity exists, >> it uses 'guest' as the >> > default role. I hooked into the preDispatch() >> method of the front controller >> > plugin. >> > >> > This works, except that I've lost my "page not >> found functionality". So I get >> > "resource not found" or "not authorized" message >> when requests for non >> > existance controllers or actions are made. >> > >> > Would it be better to have the controllers extend >> a "BaseController" that does >> > the ACL checks in the init() method? >> > >> > What is the preferred way or best practice for >> running the ACL checks? >> >> Use an action helper with a preDispatch() hook, and >> register it in your >> bootstrap. :) >> >> -- >> Matthew Weier O'Phinney >> Project Lead | [email protected] >> <mailto:[email protected]> >> Zend Framework | http://framework.zend.com/ >> >> >> >> >> >> >>
