Updated: Dynamic loaded Zend ACL

Hi everybody,

today i would like to write something about a dynamic loaded and user specific Zend ACL (ZF version 1.11.11). This example requires a working login and access control, just like the example of Niko Klausnitzer.

If this is working, we have to extend the db with the acl entities just as in the following picture.

acl db model

toggle sql script

This ACL works with multi role and single resource inheritance. But only with ALLOW rights, if you need DISALLOW rights, you would have to add priorities. It would be possible to generate the Zend Models out of the db model, using zend db model generator. I've used it in version 0.60. The following ACL code only uses models and no sql statements!

UPDATE: Here you could download my models:
http://goo.gl/FNojG

I have minimally adjusted the generated classes to fit my needs.
If the mappers aren't running, test to rename the folder to "Mapper" or add the string "mappers" to the autoloader.

Some last hint, you have to ensure by dynamic role creation or deletion that all role dependencies are correct (e.g. no loop).

Resources within this example look like "module", "module::controller" or "module::controller::action". The privileges are special rights e.g. "ALL" or something like "yes user you may see this button". It's really a very granular ACL! It would be also possible to use the action as privilege.

(To grant all rights to a resource in the Zend ACL is to allow NULL!)

toggle the ACL

With this example it is possible to dynamically load roles, resources and special user rights from the DB with Zend. It also avoids infinite loops by inheritance. Now you have to load the ACL in the bootstrap and implement some caching methods.

Have Fun!