I'm very new to ACL and it's not something we've tried before. Any guidance would
be appreciated; I'm going to start with code experimentation but would like to
know if I'm on the right track.
We are using a custom-developed CMS which is using ZF, and we have our front
end website as well. The CMS uses a controller called "AdminController", and the
front end only uses a controller called "IndexController". I want to introduce
access control to this CMS. Therefore some user groups will be restricted to
some areas of the CMS.
Current potential solution:
I'm thinking of achieving this functionality as described below.
1. Have a database table to store the type of the user.
2. Have a separate table to store the pages the user is allowed or not allowed.
3. Check in each page whether the user has access or not and display the
page accordingly.
Which is the best way to implement this using Zend framework? "Zend_Auth" or
"Zend_Acl"? I have looked into the "Zend_Acl" and it sounds good, however
could someone guide me - what is the procedure for implementing this? Here are
the links I found:
http://framework.zend.com/manual/en/zend.acl.introduction.html
http://framework.zend.com/wiki/pages/viewpage.action?pageId=39025
The gist of my understanding is:
- In the AdminController (or is it bootstrap.php) I have to define a set of
Roles and Resources that are accessed/denied for those roles. This follows the
above tutorial example. In my case, I need to add a new user role called "staff
user" who will just have access to one function in the CMS, a basic "customer
lookup" reporting function.
- However I also need to check (in the "customer lookup" function) if the
logged-in user has access rights to view this page. In all other pages, I need
to DENY access rights actually, if the logged in user is a "staff user". Is
there a tutorial like this which explains it for newbies? Or could someone guide
me on what kind of code goes where?
I'm not sure how I can tell ZF the name of the resource of each section/function
of the CMS. For example, if I have a section called "Reports", and functions
called
- "Customer Lookup"
- "Orders report"
- "Members report"
then what code would I put in for each of the above controller functions to
assign a resource name and possibly a module/sub-resource name to each function?
Many thanks,
Rishi
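
An added example, not part of the original post: one way to wire the setup described above with Zend_Acl, treating each controller as a resource and each action as a privilege, and checking once in a front-controller plugin rather than in every page. It assumes Zend Framework 1 on the include path; the role names, the `customer-lookup` action name, the `Cms_Plugin_Acl` class and the `index`/`denied` target are hypothetical.

```php
<?php
// Added example. Assumes Zend Framework 1 is on the include_path.
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';
require_once 'Zend/Controller/Plugin/Abstract.php';

// Build the rule set once (e.g. from the bootstrap). Role names are assumptions.
function buildCmsAcl()
{
    $acl = new Zend_Acl(); // nothing is allowed until an allow() rule says so
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('staff'), 'guest'); // staff inherits guest
    $acl->addRole(new Zend_Acl_Role('admin'), 'staff');

    // Resource = controller name, privilege = action name.
    $acl->addResource(new Zend_Acl_Resource('index'));
    $acl->addResource(new Zend_Acl_Resource('admin'));

    $acl->allow('guest', 'index');                     // public front end
    $acl->allow('staff', 'admin', 'customer-lookup');  // the one CMS function
    $acl->allow('admin', 'admin');                     // every CMS action
    return $acl;
}

// Front-controller plugin: one check before every action, instead of per page.
class Cms_Plugin_Acl extends Zend_Controller_Plugin_Abstract
{
    private $_acl;
    private $_role;

    public function __construct(Zend_Acl $acl, $role)
    {
        $this->_acl  = $acl;
        $this->_role = $role; // e.g. read from the Zend_Auth identity
    }

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        // Lower-case first so "Admin" and "admin" hit the same rule.
        $resource  = strtolower($request->getControllerName());
        $privilege = strtolower($request->getActionName());

        // Unknown controllers are denied rather than passed through.
        if (!$this->_acl->has($resource)
            || !$this->_acl->isAllowed($this->_role, $resource, $privilege)) {
            $request->setControllerName('index')->setActionName('denied');
        }
    }
}
```

The plugin would be registered with `Zend_Controller_Front::getInstance()->registerPlugin(...)`. With this layout the other report actions need no code of their own: a "staff" user is denied them because no rule allows them.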