Thanks for the answer. I appreciate it. For an old question it still clears up a few things for me.
Jamie
On Wed, May 13, 2009 at 7:45 AM, Avi Block <atblock@gmail.com> wrote:
Wow. This is really old, but still worth answering! The point of
Specks wrote:
>
> I'm trying to figure out how Zend_Acl_Resource_Interface fits in to
> being implemented in to a resource. Could someone please explain to me
> or point me to where I could find an example as to how to use the
> interface?
>
> Jamie
>
>
Zend_Acl_Resource_Interface, is IMO, so that Zend_Acl can be "aware" of your
applications resources, if they are implemented in an object oriented
manner. For example, if you had a class which represents a blog post, that
would be a resource. If your blog post class implements this interface, and
the getRoleId() returns something like "blog_post", you can plug this into
an ACL query like this:
$acl->isAllowed($user, $blog_post, 'edit');
(btw, your User object can also implement Zend_Acl_Role_Interface in a
similar manner).
Which will probably hit a rule like $acl->allow('author', 'blog_post',
array('edit').
This really shines when you use a custom assertion...for example to check if
an author can only edit *his* post. The assertion will wind up with an
actual reference to your blog post object and your user object!
Unfortunately there is reported bug in Zend_Acl which prevents this
behaviour from happening, but there are hacks to fix it.
You can read more about this on my blog
http://www.aviblock.com/blog/2009/03/19/acl-in-zend-framework/
--
View this message in context: http://www.nabble.com/Where-does-Zend_Acl_Resource_Interface-fit-in--tp13922601p23523224.html
Sent from the Zend Auth mailing list archive at Nabble.com.
没有评论:
发表评论