Search code examples
zend-frameworkaclzend-acl

Zend_Acl, with roles and permissions stored in database


i want to build an ACL system for my application which have the following requirement.

  1. Users will be assigned single or multiple role. (Admin, Staff) etc.
  2. Role will have permissions.(Send_Invoices, Send_mail, Delete_Invoices, Send_Estimate) etc.
  3. User will be assigned custom permission apart from the role it inherits.

my database structure for ACL is as follows

role:
+----------+-------------+------+-----+---------+----------------+
| Field    | Type        | Null | Key | Default | Extra          |
+----------+-------------+------+-----+---------+----------------+
| id       | int(11)     | NO   | PRI | NULL    | auto_increment |
| roleName | varchar(50) | NO   | UNI | NULL    |                |
+----------+-------------+------+-----+---------+----------------+
permission:
+----------------+-------------+------+-----+---------+----------------+
| Field          | Type        | Null | Key | Default | Extra          |
+----------------+-------------+------+-----+---------+----------------+
| id             | int(11)     | NO   | PRI | NULL    | auto_increment |
| permissionName | varchar(50) | NO   |     | NULL    |                |
| permissionKey  | varchar(50) | NO   | UNI | NULL    |                |
+----------------+-------------+------+-----+---------+----------------+
role_permission
+---------------+---------+------+-----+---------+----------------+
| Field         | Type    | Null | Key | Default | Extra          |
+---------------+---------+------+-----+---------+----------------+
| id            | int(11) | NO   | PRI | NULL    | auto_increment |
| role_id       | int(11) | NO   | MUL | NULL    |                |
| permission_id | int(11) | NO   |     | NULL    |                |
+---------------+---------+------+-----+---------+----------------+
user_role
+---------------+---------+------+-----+---------+----------------+
| Field         | Type    | Null | Key | Default | Extra          |
+---------------+---------+------+-----+---------+----------------+
| id            | int(11) | NO   | PRI | NULL    | auto_increment |
| user_id       | int(11) | NO   | MUL | NULL    |                |
| role_id       | int(11) | NO   |     | NULL    |                |
+---------------+---------+------+-----+---------+----------------+
user_permission
+---------------+---------+------+-----+---------+----------------+
| Field         | Type    | Null | Key | Default | Extra          |
+---------------+---------+------+-----+---------+----------------+
| id            | int(11) | NO   | PRI | NULL    | auto_increment |
| user_id       | int(11) | NO   | MUL | NULL    |                |
| permission_id | int(11) | NO   |     | NULL    |                |
+---------------+---------+------+-----+---------+----------------+

i have migrated to Zend Framework, and having problem deciding wether Zend_Acl allows me to implement the current structure. my question is.

  1. is it possible for me to implement the ACL with current database structure to do the needful in Zend Framework?
  2. is there any better implementation that could allow me to achieve what i want in zend framework?

i will be grateful if someone could provide me a way to get started with what i need to do. any resources, links that could help me?

thank you.


Solution

  • Well I think this structure is really good , to get this working you had to do 2 steps

    1-Setup all the databases and requirements

    2- create an ACL plugin that determine the user's role and his permissions

    some example with doctrine support :

    Developing a Doctrine-backed ACL helper TDD-style, part 1

    Developing a Doctrine-backed ACL helper TDD-style, part 2

    another simple ACL :

    Dynamic custom ACL in zend framework?