ZF 1.0




Extended example



#index.php
<?php
...
// Register the ACL plugin on the front controller. The plugin receives a fresh
// Zend_Acl instance and fills it with roles, resources and rules in its constructor.
$frontController->registerPlugin(new Application_Plugin_Acl(new Zend_Acl()));


#Application/Plugin/Acl.php

<?php
require_once "Zend/Controller/Plugin/Abstract.php";

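/**
 * Front-controller plugin that builds a Zend_Acl rule set and checks it in preDispatch().
 *
 * The rule set is a whitelist: Zend_Acl denies anything that has no matching allow rule,
 * so every role/resource pair that should be reachable needs an explicit _allow().
 */
class Application_Plugin_Acl extends Zend_Controller_Plugin_Abstract {

	/** @var Zend_Acl ACL instance injected through the constructor */
	private $_acl = null;

	/**
	 * Stores the ACL and immediately populates it through initAcl().
	 *
	 * @param Zend_Acl $acl empty ACL to be filled with roles, resources and rules
	 */
	public function __construct(Zend_Acl $acl) {
		$this->_acl = $acl;
		$this->initAcl();
	}

	/**
	 * Registers a role, optionally inheriting from one or more parent roles.
	 *
	 * @param string            $role    role identifier
	 * @param string|array|null $parents parent role(s) whose rules are inherited
	 * @return Application_Plugin_Acl fluent interface
	 */
	protected function _addRole($role, $parents=null) {
		$this->_acl->addRole(new Zend_Acl_Role($role), $parents);
		return $this;
	}

	/**
	 * Registers a resource.
	 *
	 * Resource inheritance comes only from $parent; a shared name prefix such as
	 * "default:frontend" / "default:frontend:test" does not make one a child of the other.
	 *
	 * @param string      $resource resource identifier
	 * @param string|null $parent   parent resource identifier
	 * @return Application_Plugin_Acl fluent interface
	 */
	protected function _add($resource, $parent=null) {
		$this->_acl->add(new Zend_Acl_Resource($resource), $parent);
		return $this;
	}

	/**
	 * Adds an allow rule.
	 *
	 * @param string      $role     role identifier
	 * @param string|null $resource resource identifier, null for all resources
	 * @param string|null $action   privilege, null for all privileges
	 * @return Application_Plugin_Acl fluent interface
	 */
	protected function _allow($role, $resource=null, $action=null) {
		// Pass $action through. The original passed the undefined $permision, which is
		// null, so an allow meant for one privilege silently granted all of them.
		$this->_acl->allow($role, $resource, $action);
		return $this;
	}

	/**
	 * Adds a deny rule.
	 *
	 * @param string      $role     role identifier
	 * @param string|null $resource resource identifier, null for all resources
	 * @param string|null $action   privilege, null for all privileges
	 * @return Application_Plugin_Acl fluent interface
	 */
	protected function _deny($role, $resource=null, $action=null) {
		// Same fix as _allow(): forward the privilege instead of the undefined $permision.
		$this->_acl->deny($role, $resource, $action);
		return $this;
	}

	/**
	 * Asks the ACL whether $role may access $resource (optionally for one privilege).
	 *
	 * @param string      $role     role identifier
	 * @param string      $resource resource identifier
	 * @param string|null $action   privilege, null to test access to the whole resource
	 * @return bool
	 */
	protected function _isAllowed($role, $resource, $action=null) {
		return $this->_acl->isAllowed($role, $resource, $action);
	}

	/**
	 * Declares the roles, resources and rules used by this example.
	 */
	public function initAcl() {

		// Roles: each role inherits the rules of the one before it (guest -> user -> admin).
		$this->_addRole("guest")
			 ->_addRole("user", "guest") // Add a role called user, which inherits from guest
			 ->_addRole("admin", "user")
		;

		// Resources: all registered without a parent, so each one needs its own rules.
		$this->_add('default')
			 ->_add('default:frontend')
			 ->_add('default:frontend:test')
			 ->_add('default:useraccount')
			 ->_add('users')
			 ->_add('users:frontend')
			 ->_add('users:frontend:auth')
			 ->_add('users:useraccount')
			 ->_add('users:admin')
		;

		// Privileges
		$this->_allow('guest', 'default:frontend')
			 ->_allow('guest', 'users:frontend:auth')
			 ->_deny('guest', 'default:frontend:test')
		;
		$this->_allow('user', 'default')
			 ->_allow('user', 'users')
			 ->_deny('user', 'users:admin')
		;
		// admin inherits user's deny on 'users:admin' and gets no allow rule for that
		// resource here, so this rule set does not open 'users:admin' to admin.
		$this->_allow('admin', 'default')
			 ->_allow('admin', 'users')
		;
	}

	/**
	 * Runs the access check before the action is dispatched.
	 *
	 * As written this is a demonstration: the role and resource computed from the
	 * request are overwritten by hard-coded values and the script exits in both branches.
	 *
	 * @param Zend_Controller_Request_Abstract $request current request
	 */
	public function preDispatch(Zend_Controller_Request_Abstract $request) {

		// Only 'user' or 'guest' is ever chosen here; 'admin' would have to come from
		// the stored identity.
		$role = Zend_Auth::getInstance()->hasIdentity() ? 'user' : 'guest';

		$module = $this->getRequest()->getModuleName();
		$controller = $this->getRequest()->getControllerName();
		$action = $this->getRequest()->getActionName();

		// NOTE(review): a module:controller:action string that was never registered
		// with _add() is not "denied" - Zend_Acl::isAllowed() throws for unknown
		// resources, so a real check should test has() first and fail closed.
		$resource = $module.":".$controller.":".$action;

		// Demo overrides: each assignment replaces the previous one, only the last
		// takes effect. Remove this block to check the real request.
		$role = "guest";
		$resource = "default"; // denied
		$resource = "default:frontend"; // allowed
		$resource = "default:frontend:test"; // denied
		$resource = "users:frontend:auth"; // allowed
		$resource = "users:admin"; // denied

		if (!$this->_isAllowed($role, $resource)) {
			die('denied');
		} else {
			// Demo output only; a real plugin returns here and lets dispatch continue.
			die('allowed');
		}
	}


}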


http://stackoverflow.com/questions/2277266/does-zend-acl-suit-my-needs