Studyon Minte9.com
ZF 1.0




Config



#Application/config/application.ini
[acl]

;ROLES
acl.roles.guest = null
acl.roles.user = guest
acl.roles.admin = user

;RESOURCES
;allow
acl.resources.allow.default.frontend.all = guest

;deny
acl.resources.deny.default.frontend.index = guest

#index.php
<?php
...
$frontController->registerPlugin(new Application_Plugin_Acl(new Zend_Acl()));


#Application/Plugin/Acl.php
<?php
require_once "Zend/Controller/Plugin/Abstract.php";

class Application_Plugin_Acl extends Zend_Controller_Plugin_Abstract {
	
	private $_acl = null;

	public function __construct(Zend_Acl $acl) {
		$this->_acl = $acl;
		$this->initAcl();
	}
	
	# CONFIG

	public function initAcl() {
		
		$config = new Zend_Config_Ini('Application/config/acl.ini', 'acl');
		$roles = $config->acl->roles;
		$resources = $config->acl->resources;

		$this->_addRoles($roles);
        $this->_addResources($resources);
	}
	
	public function _addRoles($roles) {

		// roles (user => guest (parent))
        foreach ($roles as $role => $parents) {
            
			if (!$this->_acl->hasRole($role)) {

				// no role parent
                if (empty($parents)) {
                    $parents = null;
                } else {
                    $parents = explode(',', $parents);
                }

				// add Role
				$this->_acl->addRole(new Zend_Acl_Role($role), $parents);
             }
         }
    }

	public function _addResources($resources) {

		// permisions (allow, deny)
		foreach ($resources as $permission => $modules) {
			
			// modules (default, users)
			foreach ($modules as $module => $controllers) {
			
				// controllers (frontend, useraccount)
				foreach ($controllers as $controller => $actions) {
					
					// resource (default:frontend)
					$resource = $module.":".$controller;
					
					// actions (auth => user)
					foreach ($actions as $action => $role) {
						
						// add Resource
						if (!$this->_acl->has($resource)) {
							$this->_acl->add(new Zend_Acl_Resource($resource));
						}
						
						// resource (default:frontend:auth)
						if ($action == 'all') {
							$privilege = null;
						} else {
							$privilege = $action;
						}

						// allow Permision
						if ($permission == 'allow') {
							$this->_acl->allow($role, $resource, $privilege);
						}

						// deny Permission
						if ($permission == 'deny') {
							$this->_acl->deny($role, $resource, $privilege);
						}
					}
				}
			}
		}
        
    }

	public function preDispatch(Zend_Controller_Request_Abstract $request) {
		
		$role = "guest";
		$resource = "default:frontend";
		$privilege = 'index';

		if (!$this->_acl->isAllowed($role, $resource, $privilege)) {
			die('denied');
		} else {
			die('allowed');
		}
	}



}


http://joe.topjian.net/post/483759115/my-zend-acl-implementation