Search code examples
phpzend-frameworknavigationzend-acl

I can't get navigation working correctly with Zend_Acl


I don't know what is the problem, but the navigation menu that I'm trying to set up, is not showing up correctly ..

All the navigation pages that contains the tag < resource > are not showing up for all type of users type (admin, guest and member ), any idea why I have this problem ?

Here's a part of my navigation.xml file :

<nav>
    <home>
        <label>Acceuil</label>
        <controller>index</controller>
        <action>index</action>
    </home>

    <contact>
        <label>Contact</label>
        <controller>index</controller>
        <action>contact</action>
        <resource>index</resource>
    </contact>

    <Categories>
        <label>Categories</label>
        <controller>index</controller>
        <action>categories</action>
    </Categories>

    <administration>
        <label>Administration</label>
        <controller>admin</controller>
        <action>index</action>
        <resource>admin</resource>
        <pages>
                <societes>
                    <label>Societes</label>
                    <controller>admin</controller>
                    <action>societes</action>
                    <resource>admin</resource>
                </societes>
        </pages>
    </administration>
</nav>

, my _initAcl in Bootstrap :

$acl = new Zend_Acl();
    // add the roles
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('user'), 'guest');
    $acl->addRole(new Zend_Acl_Role('admin'), 'user');

    // add the resources I have only two controller + Error
    $acl->add(new Zend_Acl_Resource('index'));
    $acl->add(new Zend_Acl_Resource('admin'));
    $acl->add(new Zend_Acl_Resource('error'));

    // set up the access rules
    $acl->allow(null, array('error'));
    // a guest can only read content and login
    $acl->allow('guest', 'index', array('contact', 'index', 'login', 'categories'));
    // users can also work with content
    $acl->allow('user', 'index', array('signaler', 'logout'));
    $acl->deny('user', 'index', array('inscription', 'login'));
    // administrators can do anything
    $acl->allow('admin', 'admin', array('index', 'categories', 'ajout-categorie', 'modifier-categorie', 'supprimer-categorie'));
    $acl->deny('admin', 'index', array('contact'));

    Zend_Registry::set('acl', $acl);

, my _initNavigation() in Bootstrap :

protected function _initNavigation(){

    $this->bootstrap('layout');
    $layout = $this->getResource('layout');
    $view = $layout->getView();
    $config = new Zend_Config_Xml(APPLICATION_PATH . '/configs/navigation.xml', 'nav');
    $container = new Zend_Navigation($config);

    $acl = Zend_Registry::get('acl');
    $auth = Zend_Auth::getInstance();

    if($auth->hasIdentity()) {
        $identity = $auth->getIdentity();
        $role = strtolower($identity->role);
    }else{
        $role = 'guest';
    }
    echo $role;
    $view->navigation($container)->setAcl($acl)->setRole($role);
}

And my Acl class : Application_Plugin_Acl

public function preDispatch(Zend_Controller_Request_Abstract $request){

    $this->acl = Zend_Registry::get('acl');
    // fetch the current user

    $auth = Zend_Auth::getInstance();

    if($auth->hasIdentity()) {
        $identity = $auth->getIdentity();
        $role = strtolower($identity->role);
    }else{
        $role = 'guest';
    }
    $controller = $request->controller;
    $action = $request->action;
    if (!$this->acl->isAllowed($role, $controller, $action)) {
        if ($role === 'guest') {
            $request->setControllerName('index');
            $request->setActionName('login');
        } else {
            $request->setControllerName('error');
            $request->setActionName('noauth');
        }
    }
}

I also have this in my application.ini : pointing on the Acl Class

resources.frontController.plugins.acl = Application_Plugin_Acl

Sorry if the question is too long but I tried all solutions here on Stack Overflow, but nothing worked properly, and


Solution

  • The allow and deny methods I used were wrong:

    $this->allow('guest', 'index');
    $this->deny('guest', array('signaler','logout'));
    
    // cms users can also work with content
    $this->allow('user', 'index');
    $this->deny('user',array('inscription','login'));
    // administrators can do anything
    $this->allow('admin', 'admin');
    
    $this->deny('admin','index',array('contact','about'));