Hello again,
In the code I posted about dynamic acl rules from db, (http://pastie.org/650296)
there is a disadvantage that I could not solve yet (just found it a
few hours ago).

The problem is that,
if the user is not logged in and the resource requires a logged-in member,
then the plugin sends the user to the login page.
If the page is a not-found/non-existing controller or action, then the
same rule is applied if the user is not logged in.

In other words, if not logged in, the user is forwarded to the login
page whether the page exists or not (non-existing page).
I think that the correct way is to check if the page exists or not and
then redirect the user to the login page if it exists.
If not, redirect the user to the not found page.
I am not sure where and how to check if the page is a non-existing
page/action and put a condition there.
I checked all the methods of the dispatch mechanism but it is not quite
clear how to apply this patch.

Any help or comments..
Thanks,
scs

On Sun, Oct 11, 2009 at 5:01 PM, scs <[email protected]> wrote:
> Hello,
> I found a bug in the code I pasted below. To fix it, please remove
> line 30 which is:
> $this->_linkRole = 'guest'; in __construct function
>
> scs
>
> On Sun, Oct 11, 2009 at 2:12 PM, scs <[email protected]> wrote:
>> Hi,
>> Here is the finished plugin code. Yet, it still needs some cleaning
>> and improvements..
>> http://pastie.org/650296
>>
>> Best,
>> scs
>>
>> On Sun, Oct 11, 2009 at 2:03 PM, holografix . <[email protected]> wrote:
>>> Hi
>>>
>>> It would be nice if you share your code.
>>>
>>> Cheers
>>> holo
>>>
>>> 2009/10/11 scs <[email protected]>
>>>>
>>>> Matthew, thank you for your comment and explanation.
>>>>
>>>>
>>>> I removed the My_Acl class and used directly $acl = new Zend_Acl....
>>>> And then moved everything to the plugin using custom methods for
>>>> getting/setting resources. And then
>>>> in plugin-native methods, I created the rules and check if user is
>>>> allowed or not.
>>>> That works fine now. I can paste the code in pastie if anybody would
>>>> like to see or comment on it..
>>>>
>>>> Thanks all,
>>>> scs
>>>>
>>>> On Fri, Oct 9, 2009 at 9:14 PM, Matthew Weier O'Phinney
>>>> <[email protected]> wrote:
>>>> > -- scs <[email protected]> wrote
>>>> > (on Friday, 09 October 2009, 08:50 PM +0300):
>>>> >> Thank you all.
>>>> >> In fact I am aware that the routing does not take place in
>>>> >> bootstrap but only with the help of plugins.
>>>> >>
>>>> >> This is the short story why I needed it:
>>>> >> I was implementing a zend_acl system which is stored on db.
>>>> >> In this system, every page has a record in db and every page is given
>>>> >> a role (a common role: guest, member etc.).
>>>> >> sample table:
>>>> >> fields: id, name, module, controller, action, role
>>>> >> values:1, contact, default, contact, index, guest
>>>> >>
>>>> >> To initiate the acl, I have a function _initAcl() in bootstrap file:
>>>> >> {
>>>> >>     //get frontcontroller and auth
>>>> >>    ...
>>>> >>    $acl = new My_Acl();
>>>> >>    $frontController->registerPlugin(new My_Plugin_Acl($acl, $auth));
>>>> >> }
>>>> >>
>>>> >>
>>>> >> The  class My_Acl has the function:
>>>> >> __construct() {
>>>> >>  1. get roles and resources from db (private functions of this
>>>> >> class): No Problem
>>>> >>  2. add them to acl ($this->addResource/addRole): No Problem
>>>> >>  3. find the requested page from the db and gets its role ???
>>>> >>  4. set allow rule for the page: $this->allow(page_role_name,
>>>> >> resource, action) ???
>>>> >> }
>>>> >>
>>>> >> The problem is in the 3rd step; I need to find the controller name and
>>>> >> action name so that
>>>> >> I can fetch the page's role_name from the db with the requested
>>>> >> controller and action name. And then go on 4th step above.
>>>> >
>>>> >
>>>> > I'd say you're doing too much in your constructor.
>>>> >
>>>> > Move 3 and 4 to a separate method, and call that method from
>>>> > routeShutdown() or dispatchLoopStartup(). At that point you'd know the
>>>> > actual controller/action pair, and will have no problems.
>>>> >
>>>> >
>>>> >> Let's say the requested page is url/contact/index
>>>> >>
>>>> >> To get this page record from the db,
>>>> >> I need to know the controller_name and action_name so that
>>>> >> I can get the contact page's (where controller=$controller and action
>>>> >> = $action) role name.
>>>> >>
>>>> >> However, I could not get the controller and action name in My_Acl.
>>>> >>
>>>> >> I am able to get them in the plugin but then I have to add roles and
>>>> >> resources(1st and 2nd step of __construct) in My_Acl
>>>> >> and the 3rd and 4th steps (find page data and set allow/deny rules) in
>>>> >> the plugin.
>>>> >>
>>>> >> In other words, I have to divide the acl jobs between the plugin and
>>>> >> My_Acl class.
>>>> >> I just wanted to set all the roles, resources and rules in My_Acl and
>>>> >> then in the plugin only check
>>>> >> if isAllowed or not and route them to login or denied page.
>>>> >>
>>>> >> This is it. Hope I made it clear.  I am not very much experienced and
>>>> >> knowledgeable yet on ZF but still reading tons of articles and codes.
>>>> >> And I would be pleased if I can hear any comments, recommendations,
>>>> >> some better practices or improvements.
>>>> >>
>>>> >> Thanks
>>>> >> scs
>>>> >>
>>>> >> On Fri, Oct 9, 2009 at 6:48 PM, David Mintz <[email protected]>
>>>> >> wrote:
>>>> >> >
>>>> >> >
>>>> >> > On Fri, Oct 9, 2009 at 8:46 AM, Vadim Gabriel <[email protected]>
>>>> >> > wrote:
>>>> >> >>
>>>> >> >> I don't think they exist there yet. Those values are being set after
>>>> >> >> the
>>>> >> >> bootstrap and the dispatch process.
>>>> >> >
>>>> >> >
>>>> >> > Therefore, this is the way to go, at least for the time being:
>>>> >> > http://framework.zend.com/manual/en/zend.controller.plugins.html
>>>> >> >
>>>> >> > --
>>>> >> > David Mintz
>>>> >> > http://davidmintz.org/
>>>> >> >
>>>> >> > The subtle source is clear and bright
>>>> >> > The tributary streams flow through the darkness
>>>> >> >
>>>> >>
>>>> >
>>>> > --
>>>> > Matthew Weier O'Phinney
>>>> > Project Lead            | [email protected]
>>>> > Zend Framework          | http://framework.zend.com/
>>>> >
>>>
>>>
>>
>
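
An added example, not part of the thread and not the pastie.org plugin: one way to order the checks so that existence is decided before the login redirect, using the dispatcher's isDispatchable() for the controller and the page table rows for the action. The class name, the $pages map, the 'module:controller' resource naming, the role names and the auth/login and error/notfound|denied targets are all assumptions.

```php
<?php
// Added example; not the pastie.org plugin. Class name, $pages map, resource
// naming, role names and the forward targets are assumptions.
class My_Plugin_AclExistence extends Zend_Controller_Plugin_Abstract
{
    protected $_acl;
    protected $_auth;
    protected $_pages; // 'module:controller' => array of action names, built from the page table

    public function __construct(Zend_Acl $acl, Zend_Auth $auth, array $pages)
    {
        $this->_acl   = $acl;   // resources and roles already added from the same table
        $this->_auth  = $auth;
        $this->_pages = $pages; // must include the login and error pages as guest pages
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $resource = $request->getModuleName() . ':' . $request->getControllerName();
        $action   = $request->getActionName();
        $front    = Zend_Controller_Front::getInstance();

        // 1. Existence: the controller class must be loadable and the page
        //    table must contain this controller/action pair.
        $exists = $front->getDispatcher()->isDispatchable($request)
            && isset($this->_pages[$resource])
            && in_array($action, $this->_pages[$resource], true);
        if (!$exists) {
            return $this->_send($request, 'error', 'notfound');
        }

        // 2. Authorization, only for pages that exist.
        $loggedIn = $this->_auth->hasIdentity();
        $role     = $loggedIn ? 'member' : 'guest';
        if (!$this->_acl->isAllowed($role, $resource, $action)) {
            // Guests are asked to log in; members who still lack access are denied.
            return $loggedIn
                ? $this->_send($request, 'error', 'denied')
                : $this->_send($request, 'auth', 'login');
        }
    }

    // Rewrite the current request so this dispatch iteration runs the target action.
    protected function _send(Zend_Controller_Request_Abstract $request, $controller, $action)
    {
        $request->setModuleName('default')
                ->setControllerName($controller)
                ->setActionName($action);
    }
}
```

Answering "not found" for unknown pages and "login" for known ones lets an anonymous client tell which protected URLs exist; where that matters, send both cases to the same response.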
