i just implemented ACL in my Zend Framework which already uses Zend Auth.
I want to give access to some controllers and tried it this way:
$roleGuest = new Zend_Acl_Role('guest');
$this->addRole($roleGuest);
$this->addRole(new Zend_Acl_Role('supplier'));
$this->addRole(new Zend_Acl_Role('admin'));
$this->add(new Zend_Acl_Resource('Articles'));
$this->add(new Zend_Acl_Resource('Index'));
$this->deny();
$this->allow('supplier', 'Articles');
$this->allow('admin', null);
But a user, who is supplier (he is really :)) is not able to see the Controller Articles. What am I doing wrong?
Thanks for help.
BR frgtv10
I think the best solution is to create a plugin and write something like this
class Application_Controller_Plugin_AclManager extends Zend_Controller_Plugin_Abstract
{
public function preDispatch(Zend_Controller_Request_Abstract $Request)
{
$AclManager = new Zend_Acl();
$AclManager->addRole(new Zend_Acl_Role('Guest'));
$AclManager->addRole(new Zend_Acl_Role('Supplier'), 'Guest');
$AclManager->addResource(new Zend_Acl_Resource('controller1'));
$AclManager->addResource(new Zend_Acl_Resource('controller2'));
$AclManager->addResource(new Zend_Acl_Resource('controller3'));
$AclManager->allow('Guest', 'controller1', 'index');
$AclManager->allow('Supplier', 'controller2');
$AclManager->allow('Supplier', 'controller3');
It will work great. In addition you can write
if (! $AclManager->isAllowed(USER_ROLE, $Request->getControllerName(), $Request->getActionName()))
{
$this->getResponse()->setRedirect(SOME_URL_TO_REDIRECT);
}