hello Joseph,
i think you have to make an overview about your modules,controllers and actions, so after that, you have your ACL resources (module + controller = resource) and your privileges (actions).
Example:
There are 2 classes: BlogController, BlogCommentController
and each class has the following methods: viewAction, editAction, deleteAction, approveAction.
So, the resources for your ACL object are "blog" and "blog-comment". The dash is important, because of camelCased name "BlogComment" and the zf method getControllerName() returns a dash seperated string for camelCase.
Ok, so each Controller represents its own resource and they have the same actions (ACL privileges). Zend_Acl will not give "delete" access to a resource "blog", if there is "delete" access to a resource "blog-comment". They are different things.
greets,
David
Joseph Crawford wrote:
The Reference manual is a bit daunting when it comes to how to
implement this.
I understand how to use the stuff based on the examples the question I
have is where all this goes. Is this put in the bootstrap file?
Does each controller need to have the ACL defined in there?
The reason I ask is because I might have these actions for a blog
(view, edit, delete, approve) but I might also have those actions for
blog comments.
I might not want a user who has full privileges for the blog to be
able to do anything on the blog comments.
Anyone know of a good tutorial / walkthrough that will show me these
things and hopefully answer these questions?
Thanks,
Joseph Crawford
