Monday, December 14, 2009

Re: [fw-mvc] Problems with ACL assertions

Also, I forgot to mention. The reason getParam won't work, is because you're creating a brand new instance of your request. This object hasn't had any interaction with the router to receive any parameters.

On Mon, Dec 14, 2009 at 12:54 PM, Andreas Baumgart <ab@polycast.de> wrote:
Instead of creating a new instance of Zend_Controller_Request_Http() you could try to get the request object from Zend_Controller_Front. I don't think the routes are applied to your request.

Cheers!
Andreas


On 14.12.2009, at 18:32, Andrew Sledge wrote:

Hi everyone.

I am having trouble getting request params in my custom ACL assertion
class.  I am passing the parameters via a custom route.  The ACLs are
registering correctly, so I know that's not it.

The following code should help explain:

Bootstrap.php
[CODE]
protected function _initRoutes()
{
    $frontController = Zend_Controller_Front::getInstance();
    $router = $frontController->getRouter();
    $route = new Zend_Controller_Router_Route(
        '/user/profile/id/:id',
        array(
            'controller' => 'user',
            'action'     => 'profile',
        )
    );
    $router->addRoute('applicationview', $route);
    return $router;
}

protected function _initAcl()
{
    require_once(dirname(__FILE__) . '/Acl.php');
    require_once(dirname(__FILE__) . '/../library/Home/Controller/Plugin/AuthPlugin.php');
    $frontController = Zend_Controller_Front::getInstance();
    $frontController->registerPlugin(new AuthPlugin());
}
[/CODE]

Acl.php:
$acl->allow('staffer', 'user', 'profile', new Home_Acl_Assert_Profile());

library/Home/Acl/Assert/Profile.php:
[CODE]
class Home_Acl_Assert_Profile implements Zend_Acl_Assert_Interface
{
    public function assert(Zend_Acl $acl, Zend_Acl_Role_Interface $role = null, Zend_Acl_Resource_Interface $resource = null, $privileges = null)
    {
        $auth = Zend_Auth::getInstance();
        if ($auth->hasIdentity()) {
            $request = new Zend_Controller_Request_Http();
            $requestid = $request->getQuery('id');
            $identity = $auth->getIdentity();
            if ($identity->role == 'admin' || ($requestid == $identity->uid)) {
                return "allowed";
            } else {
                return "denied";
            }
        } else {
            return "denied";
        }
        return "denied";
    }
}
[/CODE]

If I request /user/profile/?id=1 the assertion class recognizes the ID
parameter (returns allowed).  If I use /user/profile/id/1, it fails
(returns denied).  Any thoughts on how I can get the assertion class to
recognize the parameters?





--
Andrew Sledge
andrew.j.sledge@gmail.com

PGP Key: 0x869E3649
http://pgp.mit.edu:11371/pks/lookup?search=0xDD779230869E3649
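
The fix suggested in the replies, as an added example that is not code from the thread: the assertion reuses the request held by Zend_Controller_Front and reads the routed `id` with getParam(). It assumes Zend Framework 1, the `role` and `uid` identity fields from the original post, and that the ACL check runs after routing; it returns booleans, which is what Zend_Acl_Assert_Interface::assert() is documented to return.

```php
<?php
// Added example, not the poster's code. Assumes Zend Framework 1 is loaded and
// that the identity object exposes `role` and `uid` as in the original post.
class Home_Acl_Assert_Profile implements Zend_Acl_Assert_Interface
{
    public function assert(
        Zend_Acl $acl,
        Zend_Acl_Role_Interface $role = null,
        Zend_Acl_Resource_Interface $resource = null,
        $privilege = null
    ) {
        $auth = Zend_Auth::getInstance();
        if (!$auth->hasIdentity()) {
            return false; // anonymous users never pass the ownership check
        }

        // Reuse the request the front controller is dispatching. A freshly
        // constructed Zend_Controller_Request_Http has never been through the
        // router, so it carries no route parameters.
        $request = Zend_Controller_Front::getInstance()->getRequest();
        if (!$request instanceof Zend_Controller_Request_Abstract) {
            return false; // no request available yet: fail closed
        }

        $identity = $auth->getIdentity();
        if ($identity->role === 'admin') {
            return true;
        }

        // getParam() sees parameters set by the router (/user/profile/id/1)
        // and falls back to GET/POST (?id=1); it returns null when absent.
        $requestId = $request->getParam('id');
        if ($requestId === null) {
            return false; // no target id supplied: deny rather than guess
        }

        // Compare as strings so a loose comparison cannot match unlike values.
        return (string) $requestId === (string) $identity->uid;
    }
}
```

Route parameters are only populated once the router has run, so the plugin that calls isAllowed() needs to do so in routeShutdown() or a later hook such as preDispatch().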



