-- Ralf Eggert <[email protected]> wrote
(on Saturday, 15 September 2012, 11:17 AM +0200):
> to clarify my last message. The ACL check does work for unknown actions.
> It just doesn't work correctly for any unknown controllers.
>
> Currently I am thinking about using the controller loader to try to load
> the controller and only do the ACL check when the controller can be
> loaded. But with this approach the controller loader would be used
> twice. Once in my checkAcl() method and once again in the
> Zend\Mvc\DispatchListener::onDispatch() method.
I just had another idea. Use an initializer.
Initializers allow you to operate on instances when they are first
created by the service or plugin manager. As such, you could attach an
initializer to the ControllerManager, and run your ACL check then -- at
that point, you'll know you have a valid controller.
It would look something like this:
'controllers' => array(
'initializers' => function ($controller, $controllers) {
$services = $controllers->getServiceManager();
$aclService = $services->get('WhateverYouNamedYourAclService');
// At this point, you have your controller and acl service,
// so you likely have the ability to do a check. If the
// check fails, raise an exception here.
}
)
The above could be in a Module's getControllerConfig() method, or as a
standalone initializer class somewhere.
--
Matthew Weier O'Phinney
Project Lead | [email protected]
Zend Framework | http://framework.zend.com/
PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc
--
List: [email protected]
Info: http://framework.zend.com/archives
Unsubscribe: [email protected]
