Zend Framework provides a brilliant tool for controlling access levels in your web application. This tool is called Zend_Acl. It consists of a handful of classes for defining roles and resources; each resource can then be allowed or denied on a per-role basis. Roles can also inherit from one another, which makes for a very flexible access control list.

In its basic form a control list can be built using the following code:

  $objAcl = new Zend_Acl();
 
  // Roles: everything is denied unless explicitly allowed below.
  $objAcl->addRole(new Zend_Acl_Role('guest'));
  $objAcl->addRole(new Zend_Acl_Role('member'));
  $objAcl->addRole(new Zend_Acl_Role('admin'));
 
  // Resources that the roles will be granted access to.
  $objAcl->add(new Zend_Acl_Resource('blog_post_comments'));
  $objAcl->add(new Zend_Acl_Resource('admin_panel'));
  $objAcl->add(new Zend_Acl_Resource('blog_posts'));
 
  // Grants, one per role/resource pair.
  $objAcl->allow('guest','blog_posts');
  $objAcl->allow('member','blog_posts');
  $objAcl->allow('member','blog_post_comments');
  $objAcl->allow('admin','admin_panel');

For most applications this is enough: the ACL can be hard coded and built on every request. This approach suits applications that have a definitive set of roles, where each role has a definitive set of resources.

What happens when you want to edit a role, or give a particular user access to all the resources of the “Editor” role plus a handful of resources from the “Admin” role? In this instance you could just edit your ACL code, but this becomes tedious on a large system with numerous special cases like this. Storing the roles and resources in a database is better suited to this, and you can even build a nice frontend to the database for easy administration. This type of implementation is rarely documented, yet it seems to be the most widely adopted. Over the next couple of posts I intend to guide you through an implementation I have put into practice through my work, which will shortly be going into production. It’s very flexible and will suit most web applications.
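As an added example (not the post's own code, and not the database-driven implementation the later parts describe), here is the “Editor plus a handful of Admin resources” case handled with Zend_Acl's built-in role inheritance; the role and resource names, the per-user role `user_42`, and a Zend Framework 1 install on the include path are all assumptions.

```php
<?php
require_once 'Zend/Acl.php';
require_once 'Zend/Acl/Role.php';
require_once 'Zend/Acl/Resource.php';

$acl = new Zend_Acl();

// Roles. The second argument of addRole() names the parent role(s) to inherit from.
$acl->addRole(new Zend_Acl_Role('guest'));
$acl->addRole(new Zend_Acl_Role('editor'), 'guest');
$acl->addRole(new Zend_Acl_Role('admin'), 'editor');
// A per-user role for the special case (hypothetical user): everything 'editor'
// has, plus the single admin resource granted explicitly further down.
$acl->addRole(new Zend_Acl_Role('user_42'), 'editor');

// Resources (constructed names).
foreach (array('blog_posts', 'blog_post_comments', 'admin_panel', 'user_management') as $name) {
    $acl->add(new Zend_Acl_Resource($name));
}

// Zend_Acl denies anything not explicitly allowed, so only grants are listed.
$acl->allow('guest', 'blog_posts', 'read');     // guests may only read posts
$acl->allow('editor', 'blog_posts');            // no privilege given = all privileges
$acl->allow('editor', 'blog_post_comments');
$acl->allow('admin');                           // no resource given = every resource
$acl->allow('user_42', 'admin_panel', 'read');  // the one extra admin resource

// isAllowed() checks the role itself first, then walks up its parents.
$checks = array(
    array('user_42', 'blog_posts', 'write'),      // inherited from editor
    array('user_42', 'admin_panel', 'read'),      // granted to user_42 directly
    array('user_42', 'user_management', 'read'),  // never granted, so denied by default
    array('guest', 'blog_posts', 'write'),        // guest was only granted 'read'
);
foreach ($checks as $c) {
    list($role, $resource, $privilege) = $c;
    printf("%-8s %-18s %-6s => %s\n", $role, $resource, $privilege,
        $acl->isAllowed($role, $resource, $privilege) ? 'allowed' : 'denied');
}
```

Because every grant is a plain (role, resource, privilege) triple, the same `allow()` calls can be driven from rows in a database table instead of being hard coded, which is the direction the following parts take.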

To jump straight in follow the links below:

Database Driven Zend ACL Tutorial Part One
Database Driven Zend ACL Tutorial Part Two
Database Driven Zend ACL Tutorial Part Three will follow towards the end of this week.