I've chosen the approach of; if the command is issued from cli ( php_sapi_name() ) I ignore checking against the acl. I can use this method since I have control over the server where the application resides and I know no unauthorized user will execute the application from cli.
If there are better ways I would also be more than happy to know them. With regards Björn 2013/11/1 Julian Vidal <[email protected]> > In a recent Zend Training class, Evan Coury made the point of putting your > ACL in the Service Layer as opposed to sticking it in each Controller. > > While I agree with this, I'm running into an issue with this design and > would need some advice on how to solve it. > > My system needs to run a few cron jobs and I have a couple of Console > routes. When running via cron there is no user logged in so the ACL will > naturally block all access to my Service layer. > > The only thing that I can think of right now is creating a special admin > user in the system, storing their credentials in my app config and logging > them in manually (verifying that this can only be executed from the > console). > > Is this the right way to approach this situation? Can anyone suggest a > better alternative? > > Thanks, > Julian. >
