Re: ACL Roles / Resources

hello Joseph,

i think you have to make an overview about your modules,controllers and
actions, so after that, you have your ACL resources (module +  controller =
resource) and your privileges (actions).

Example:
There are 2 classes: BlogController, BlogCommentController
and each class has the following methods: viewAction, editAction,
deleteAction, approveAction.

So, the resources for your ACL object are "blog" and "blog-comment". The
dash is important, because of camelCased name "BlogComment" and the zf
method getControllerName() returns a dash seperated string for camelCase.

Ok, so each Controller represents its own resource and they have the same
actions (ACL privileges). Zend_Acl will not give "delete" access to a
resource "blog", if there is "delete" access to a resource "blog-comment".
They are different things.

greets,
David

Joseph Crawford wrote:
>
> The Reference manual is a bit daunting when it comes to how to
> implement this.
>
> I understand how to use the stuff based on the examples the question I
> have is where all this goes.  Is this put in the bootstrap file?
> Does each controller need to have the ACL defined in there?
>
> The reason I ask is because I might have these actions for a blog
> (view, edit, delete, approve) but I might also have those actions for
> blog comments.
> I might not want a user who has full privileges for the blog to be
> able to do anything on the blog comments.
>
> Anyone know of a good tutorial / walkthrough that will show me these
> things and hopefully answer these questions?
>
> Thanks,
> Joseph Crawford
>
>

--
View this message in context: http://www.nabble.com/ACL-Roles---Resources-tp17261893p17263210.html
Sent from the Zend Framework mailing list archive at Nabble.com.