Hi,

After reading the Zend_Acl section of the manual I still have some questions about how to apply it in my project.

My users can be of 3 types: type1, type2 or type3. I'll have an admin area that only authenticated users can access, and in this area (some controllers) I'll have two "types" of access control:

a) The first one would be a simple deny/allow for the entire controller or actions based on the "type" of the user. For example: the controller TagController (and allow actions) can be accessed only if the logged user is of type3.

b) The second is finer, at the service/object level. For example: the type3 user can see and alter data that has been created by others (like posts from other users). The other user types can only see/change the data they have created. Or still, if I am a type2/type3 user I can add two images with my article, but if I am a type1 I can only add one image.

All content generated by the users (in the db) has a user_id field, so I can tell who has created it.

I am using the "service" approach, where my models are POPOs and all methods are actually defined in SomethingService (like ArticleService).

For the Acl part I am considering creating three tables:

Resource : id, controllerName, actionName
Role : id, roleName
ResoureRole : role_id, resource_id

I am missing:

a) how to use zend_acl to enforce this
b) where in the controllers (init? _preDispatch?)
c) where in the services?
d) how to define the fine control (like the number of images mentioned): somehow in a db, or in the service code itself

Regards.
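Added example, not part of the original message and not Zend Framework's own code: one way the two kinds of rule described above (per-controller allow by user type, and ownership checks on individual records) could be expressed with Zend_Acl, whose default is to deny. It assumes a late Zend Framework 1 release (1.12 passes the objects given to isAllowed() on to the assertion); the classes User, Article and OwnerAssertion, the function canAttach, the resource ids 'tag' and 'article', and the privileges 'view' and 'edit' are hypothetical names.

```php
<?php
// Added example. Assumes Zend Framework 1 on the include_path; class names,
// resource ids and privilege names below are hypothetical.
foreach (array('Acl', 'Acl/Role', 'Acl/Resource', 'Acl/Assert/Interface') as $f) {
    require_once "Zend/$f.php";
}
class User implements Zend_Acl_Role_Interface {   // role id = user type
    public $id, $type;
    public function __construct($id, $type) { $this->id = $id; $this->type = $type; }
    public function getRoleId() { return $this->type; }
}
class Article implements Zend_Acl_Resource_Interface {   // carries its owner
    public $user_id;
    public function __construct($userId) { $this->user_id = $userId; }
    public function getResourceId() { return 'article'; }
}
// Passes only when the acting user created the record.
class OwnerAssertion implements Zend_Acl_Assert_Interface {
    public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null,
        Zend_Acl_Resource_Interface $resource = null, $privilege = null) {
        return $role instanceof User && $resource instanceof Article
            && $role->id === $resource->user_id;
    }
}
$acl = new Zend_Acl();   // denies everything until a rule allows it
foreach (array('type1', 'type2', 'type3') as $type) {
    $acl->addRole(new Zend_Acl_Role($type));
}
$acl->add(new Zend_Acl_Resource('tag'));      // controller-level resource
$acl->add(new Zend_Acl_Resource('article'));  // object-level resource
$acl->allow('type3', 'tag');                              // (a) type3 only
$acl->allow('type3', 'article', array('view', 'edit'));   // (b) any record
$acl->allow(array('type1', 'type2'), 'article', array('view', 'edit'),
    new OwnerAssertion());                                // (b) own records only
// Per-type image limit, checked in the service before saving.
$maxImages = array('type1' => 1, 'type2' => 2, 'type3' => 2);
function canAttach(User $u, $imageCount, array $limits) {
    return isset($limits[$u->type]) && $imageCount <= $limits[$u->type];
}
// Constructed sample data: the article was created by user 7.
$author = new User(7, 'type1'); $other = new User(8, 'type1'); $admin = new User(9, 'type3');
$post = new Article(7);
var_dump($acl->isAllowed($author, $post, 'edit'), $acl->isAllowed($other, $post, 'edit'),
    $acl->isAllowed($admin, $post, 'edit'), $acl->isAllowed($author, 'tag'),
    canAttach($author, 2, $maxImages));
```

A user type that was never registered as a role makes isAllowed() throw rather than return false, so the caller should treat that exception as a denial.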
