patrickburke.de

Again about Zend Framework.

When I read the documentation of  Zend_Acl for the first time, I thought “My god, you want me to load the whole ACL structure at each request? You can’t be serious.”

Of course not. Again asking Google for help I quickly found a dynamic ACL loader in the framework’s Wiki. That’s it! Works great, but it was a little difficult to use objects as resource/role IDs, even if they implemented  Zend_Acl_Resource_Interface and Zend_Acl_Role_Interface respectively. Therefore I simply overwrote the according method and added the missing desired functionality.

Nonsense! Why? Quite simply: I already had written my own version of Zend_Acl::isAllowed() (not overwritten, my version is part of an ACL plugin which doesn’t inherit from Zend_Acl), which in turn uses Zend_Acl::isAllowed() to determine whether Peter has acces or not (A placeholder which I use all the time, you can type it so fast. No, my password don’t contain it. ;) ).

Anyway, my version of ::isAlllowed() loads all needed roles and resources when invoked (of course with a check whether this has been done already), fetches the rights data from database, uses Zend_Acl::allow() and -::deny() respectively to set the user rights and at the end it uses Zend_Acl::isAllowed() to finally determine what Peter’s rights are. The ACL object should be declared as static to not reinvent the wheel each time the method is invoked.